Abstract

Deciding whether the union of two convex polyhedra is itself a convex polyhedron is a basic problem in polyhedral computations; having important applications in the field of constrained control and in the synthesis, analysis, verification and optimization of hardware and software systems. In such application fields though, general convex polyhedra are just one among many, so-called, numerical abstractions which range from restricted families of (not necessarily closed) convex polyhedra to non-convex geometrical objects. We thus tackle the problem from an abstract point of view: for a wide range of numerical abstractions that can be modeled as bounded join-semilattices — that is, partial orders where any finite set of elements has a least upper bound —, we show necessary and sufficient conditions for the equivalence between the lattice-theoretic join and the set-theoretic union. For the case of closed convex polyhedra — which, as far as we know, is the only one already studied in the literature — we improve upon the state-of-the-art by providing a new algorithm with a better worst-case complexity. The results and algorithms presented for the other numerical abstractions are new to this paper. All the algorithms have been implemented, experimentally validated, and made available in the Parma Polyhedra Library.

Key words: polyhedron, union, convexity, abstract interpretation, numerical

1. Introduction



For $n \in \mathbb{N}$, let $\mathbb{D}_n \subseteq \wp(\mathbb{R}^n)$ be a set of finitely-representable sets such that $(\mathbb{D}_n, \subseteq)$ is a bounded join-semilattice, that is, a minimum element exists as well as the least upper bound for all $D_1, D_2 \in \mathbb{D}_n$. Such a least upper bound — let us denote it by $D_1 \uplus D_2$ and call it the join of $D_1$ and $D_2$ — is, of course, not guaranteed to be equal to $D_1 \cup D_2$. More generally, we refer to the problem of
deciding, for each finite set {Di, . . . , ^ D„, whether l+J^^^ Di = as 
the exact join detection problem. 

Examples of $\mathbb{D}_n$ include $n$-dimensional convex polyhedra, either topologically closed or not necessarily so, restricted families of polyhedra characterized by interesting algorithmic complexities — such as bounded-difference and octagonal shapes —, Cartesian products of some families of intervals, and other "box-like" geometric objects where the intervals can have "holes" (for instance, Cartesian products of modulo intervals [s^, HI] fall in this category). All these numerical abstractions allow one to conveniently represent or approximate the constraints arising in constrained control (see, e.g., [2^) and, more generally, in the synthesis, analysis, verification and optimization of hardware and software systems (see, e.g., i).

The restrictions implied by convexity and/or by the "shapes" of the geometric objects in $\mathbb{D}_n$ are sometimes inappropriate for the application at hand. In these cases, one possibility is to consider finite sets of elements of $\mathbb{D}_n$. For instance, many applications in the field of hardware/software verification use constructions like the finite powerset domain of [ij: this is a special case of disjunctive completion (2^ . where disjunctions are implemented by maintaining an explicit (hence finite) and non-redundant collection of elements of $\mathbb{D}_n$. Non-redundancy means that a collection is made of maximal elements with respect to subset inclusion, so that no element is contained in another element in the collection. The finite powerset and similar constructions are such that $Q_1 = \{D_1, \ldots, D_{h-1}, D_h, \ldots, D_k\}$ and $Q_2 = \{D_1, \ldots, D_{h-1}, D\}$ are two different representations for the same set, if $\bigcup_{i=h}^{k} D_i = \biguplus_{i=h}^{k} D_i = D$. The latter representation is clearly more desirable, and not just because — being more compact — it results in a better efficiency of all the involved algorithms. In the field of control engineering, the ability of efficiently simplifying $Q_1$ into $Q_2$ can be used to reduce the complexity of the solution to optimal control problems, thus allowing for the synthesis of cheaper control hardware 15, T^. Similarly, the simplification of $Q_1$ into $Q_2$ can lead to improvements in loop optimizations obtained by automatic code generators such as CLooG jl^. In the same application area, this simplification allows for a reduction in the complexity of array data-flow analysis and for a simplification of quasi-affine selection trees (QUASTs). In loop optimization, dependencies between program statements are modeled by parametric linear systems, whose solutions can be represented by QUASTs and computed by tools like PIP [25], which, however, can generate non-simplified QUASTs. These can be simplified efficiently provided there is an efficient procedure for deciding the exact join property. Another application of exact join detection is the computation of under-approximations, which are useful, in particular, for the approximation of contra-variant operators such as set-theoretic difference. In fact, when the join is exact it is a safe under-approximation of the union. The exact join detection procedure can also be used as a preprocessing step for the extended convex hull problem^ [13]. Another important application of exact join detection comes from the field of static analysis via abstract interpretation [231 . |2J] . In abstract interpretation, static analysis is usually conducted by performing a fixpoint computation. Suppose we use the finite powerset domain $(\wp_{\mathrm{fn}}(\mathbb{D}_n), \sqsubseteq, \emptyset, \sqcup)$: this is the bounded join-semilattice of the finite and non-redundant subsets of $\mathbb{D}_n$ ordered by the relation given, for each $Q_1, Q_2 \in \wp_{\mathrm{fn}}(\mathbb{D}_n)$, by

$$Q_1 \sqsubseteq Q_2 \iff \forall D_1 \in Q_1 : \exists D_2 \in Q_2 \mathrel{.} D_1 \subseteq D_2,$$

and '$\sqcup$' is the least upper bound (join) operator induced by '$\sqsubseteq$' ^4]. The system under analysis is approximated by a monotonic (so called) abstract semantic function $\mathcal{A}\colon \wp_{\mathrm{fn}}(\mathbb{D}_n) \to \wp_{\mathrm{fn}}(\mathbb{D}_n)$, and the limit of the ascending chain given by $\mathcal{A}$'s iterates,

$$\mathcal{A}^0(\emptyset), \mathcal{A}^1(\emptyset), \mathcal{A}^2(\emptyset), \ldots, \tag{1}$$

is, by construction, a sound approximation of the analyzed system's behavior. Since $\wp_{\mathrm{fn}}(\mathbb{D}_n)$ has infinite ascending chains, the standard abstract iteration sequence (1) may converge very slowly or fail to converge altogether. For this reason, a widening operator $\nabla\colon \wp_{\mathrm{fn}}(\mathbb{D}_n)^2 \to \wp_{\mathrm{fn}}(\mathbb{D}_n)$ is introduced. This ensures that the sequence

$$\mathcal{B}^0(\emptyset), \mathcal{B}^1(\emptyset), \mathcal{B}^2(\emptyset), \ldots, \tag{2}$$

where, for each $Q \in \wp_{\mathrm{fn}}(\mathbb{D}_n)$, $\mathcal{B}(Q) := Q \nabla \bigl(Q \sqcup \mathcal{A}(Q)\bigr)$, is ultimately stationary and that the (finitely computable) fixpoint of $\mathcal{B}$ is a post-fixpoint of $\mathcal{A}$, i.e., a sound approximation of the behavior of the system under consideration. In three generic widening methodologies are presented for finite powerset abstract domains. A common trait of these methodologies is given by the fact that the precision/efficiency trade-off of the resulting widening can be greatly improved if domain elements are "pairwise merged" or even "fully merged." Let the cardinality of a finite set $S$ be denoted by $\# S$. An element $Q = \{D_1, \ldots, D_h\}$ of $\wp_{\mathrm{fn}}(\mathbb{D}_n)$ is said to be pairwise merged if, for each $R \subseteq Q$, $\# R = 2$ implies $\bigcup R \neq \biguplus R$; the notion of being fully merged is obtained by replacing $\# R = 2$ with $\# R \geq 2$ in the above.

In this paper, we tackle the problem of exact join detection for all the numerical abstractions that are in widespread use at the time of writing.^ This problem has been studied for convex polyhedra in [1J| . We are not aware of any work that addresses the problem for other numerical abstractions.



In [ij] the authors provide theoretical results and algorithms for the exact join detection problem applied to a pair of topologically closed convex polyhedra. Three different specializations of the problem are considered, depending on the chosen representation for the input polyhedra: H-polyhedra, described by constraints (half-spaces); V-polyhedra, described by generators (vertices); and VH-polyhedra, described by both constraints and generators.^ The algorithms for the H and V representations, which are based on Linear Programming techniques, enjoy a polynomial worst-case complexity bound; the algorithm for VH-polyhedra achieves a better, strongly polynomial bound. For the H-polyhedra case only, it is also shown how the algorithm can be generalized to more than two input polyhedra. An improved theoretical result for the case of more than two V-polytopes is stated in

^This is the problem of computing a minimal set of constraints describing the convex hull of the union of k polytopes, each described by a set of constraints.

^Since numerical abstractions are so critical in the field of hardware and software analysis and verification, new ones are proposed on a regular basis.

The first contribution of the present paper is a theoretical result for the VH-polyhedra case, leading to the specification of a new algorithm improving upon the worst-case complexity bound of [l3l] .

The second contribution is constituted by original results and algorithms concerning the exact join detection problem for the other numerical abstractions. For those that are restricted classes of topologically closed convex polyhedra, one could of course use the same algorithms used for the general case, but the efficiency would be poor. Consider that the applications of finite powersets of numerical abstractions range between two extremes:

• those using small-cardinality powersets of complex abstractions such as general polyhedra (see, for instance [l3|);

• those using large-cardinality powersets of simple abstractions (for instance, verification tasks like the one described in [26], can be tackled this way).

So, in general, the simplicity of the abstractions is countered by their average number in the powersets. It is thus clear that specialized, efficient algorithms are needed for all numerical abstractions. In this paper we present algorithms, each backed with the corresponding correctness result, for the following numerical abstractions: not necessarily closed convex polyhedra, "box-like" geometric objects; rational (resp., integer) bounded difference shapes; and rational (resp., integer) octagonal shapes.

The plan of the paper is as follows. In Section 2 we introduce the required technical notation and terminology. In Section 3 we discuss the results and algorithms for convex polyhedra. The specialized results for boxes, bounded difference shapes and octagonal shapes are provided in Sections 4, 5 and 6, respectively. Section 7 concludes.

2. Preliminaries 

The set of non-negative reals is denoted by $\mathbb{R}_+$. In the present paper, all topological arguments refer to the Euclidean topological space $\mathbb{R}^n$, for any positive integer $n$. If $S \subseteq \mathbb{R}^n$, then the topological closure of $S$ is defined as $\mathbb{C}(S) := \bigcap \{\, C \subseteq \mathbb{R}^n \mid S \subseteq C \text{ and } C \text{ is closed} \,\}$.

^The algorithms in [13] for the V and VH representations only consider the case of bounded polyhedra, i.e., polytopes; the extension to the unbounded case can be found in O .

For each $i \in \{1, \ldots, n\}$, $v_i$ denotes the $i$-th component of the (column) vector $v \in \mathbb{R}^n$; the projection on space dimension $i$ for a set $S \subseteq \mathbb{R}^n$ is denoted by $\pi_i(S) := \{\, v_i \in \mathbb{R} \mid v \in S \,\}$. We denote by the vector of $\mathbb{R}^n$ having all components equal to zero. A vector $v \in \mathbb{R}^n$ can also be interpreted as a matrix in $\mathbb{R}^{n \times 1}$ and manipulated accordingly with the usual definitions for addition, multiplication (both by a scalar and by another matrix), and transposition, which is denoted by $v^{\mathrm{T}}$. The scalar product of $v, w \in \mathbb{R}^n$, denoted $\langle v, w \rangle$, is the real number $v^{\mathrm{T}} w = \sum_{i=1}^{n} v_i w_i$.

For any relational operator $\bowtie \in \{=, \leq, \geq, <, >\}$, we write $v \bowtie w$ to denote the conjunctive proposition $\bigwedge_{i=1}^{n} (v_i \bowtie w_i)$. Moreover, $v \neq w$ denotes the proposition $\neg(v = w)$. We occasionally use the convenient notation $a \bowtie_1 b \bowtie_2 c$ to denote the conjunction $a \bowtie_1 b \land b \bowtie_2 c$ and do not distinguish conjunctions of propositions from sets of propositions.

2.1. Topologically Closed Convex Polyhedra 

For each vector $a \in \mathbb{R}^n$ and scalar $b \in \mathbb{R}$, where $a \neq \mathbf{0}$, the linear non-strict inequality constraint $\beta = (\langle a, x \rangle \leq b)$ defines a topologically closed affine half-space of $\mathbb{R}^n$. The linear equality constraint $\langle a, x \rangle = b$ defines an affine hyperplane. A topologically closed convex polyhedron is usually described as a finite system of linear equality and non-strict inequality constraints. Theoretically speaking, it is simpler to express each equality constraint as the intersection of the two half-spaces $\langle a, x \rangle \leq b$ and $\langle -a, x \rangle \leq -b$. We do not distinguish between syntactically different constraints defining the same affine half-space so that, e.g., $x \leq 2$ and $2x \leq 4$ are considered to be the same constraint.

We write $\mathrm{con}(\mathcal{C})$ to denote the polyhedron $\mathcal{P} \subseteq \mathbb{R}^n$ described by the finite constraint system $\mathcal{C}$. Formally, we define

$$\mathrm{con}(\mathcal{C}) := \bigl\{\, p \in \mathbb{R}^n \bigm| \forall \beta = (\langle a, x \rangle \leq b) \in \mathcal{C} : \langle a, p \rangle \leq b \,\bigr\}.$$

The function 'con' enjoys an anti-monotonicity property, meaning that $\mathcal{C}_1 \subseteq \mathcal{C}_2$ implies $\mathrm{con}(\mathcal{C}_1) \supseteq \mathrm{con}(\mathcal{C}_2)$.

Alternatively, the definition of a topologically closed convex polyhedron can be based on some of its geometric features. A vector $r \in \mathbb{R}^n$ such that $r \neq \mathbf{0}$ is a ray (or direction of infinity) of a non-empty polyhedron $\mathcal{P} \subseteq \mathbb{R}^n$ if, for every point $p \in \mathcal{P}$ and every non-negative scalar $\rho \in \mathbb{R}_+$, we have $p + \rho r \in \mathcal{P}$; the set of all the rays of a polyhedron $\mathcal{P}$ is denoted by $\mathrm{rays}(\mathcal{P})$. A vector $l \in \mathbb{R}^n$ is a line of $\mathcal{P}$ if both $l$ and $-l$ are rays of $\mathcal{P}$. The empty polyhedron has no rays and no lines. As was the case for equality constraints, the theory can dispense with the use of lines by using the corresponding pair of rays. Moreover, when vectors are used to denote rays, no distinction is made between different vectors having the same direction so that, e.g., $r_1 = (1, 3)^{\mathrm{T}}$ and $r_2 = (2, 6)^{\mathrm{T}}$ are considered to be the same ray in $\mathbb{R}^2$. The following theorem is a simple consequence of well-known theorems by Minkowski and Weyl [ist .

Theorem 2.1. The set $\mathcal{P} \subseteq \mathbb{R}^n$ is a closed polyhedron if and only if there exist finite sets $R, P \subseteq \mathbb{R}^n$ of cardinality $r$ and $p$, respectively, such that $\mathbf{0} \notin R$ and

$$\mathcal{P} = \mathrm{gen}\bigl((R, P)\bigr) := \Bigl\{\, R\rho + P\sigma \in \mathbb{R}^n \Bigm| \rho \in \mathbb{R}^r_+,\ \sigma \in \mathbb{R}^p_+,\ \sum_{i=1}^{p} \sigma_i = 1 \,\Bigr\}.$$

When $\mathcal{P} \neq \emptyset$, we say that $\mathcal{P}$ is described by the generator system $\mathcal{G} = (R, P)$. In particular, the vectors of $R$ and $P$ are rays and points of $\mathcal{P}$, respectively. Thus, each point of the generated polyhedron is obtained by adding a non-negative combination of the rays in $R$ and a convex combination of the points in $P$. Informally speaking, if no "supporting point" is provided then an empty polyhedron is obtained; formally, $\mathcal{P} = \emptyset$ if and only if $P = \emptyset$. By convention, the empty system (i.e., the system with $R = \emptyset$ and $P = \emptyset$) is the only generator system for the empty polyhedron. We define a partial order relation '$\sqsubseteq$' on generator systems, which is the component-wise extension of set inclusion. Namely, for any generator systems $\mathcal{G}_1 = (R_1, P_1)$ and $\mathcal{G}_2 = (R_2, P_2)$, we have $\mathcal{G}_1 \sqsubseteq \mathcal{G}_2$ if and only if $R_1 \subseteq R_2$ and $P_1 \subseteq P_2$; if, in addition, $\mathcal{G}_1 \neq \mathcal{G}_2$, we write $\mathcal{G}_1 \sqsubset \mathcal{G}_2$. The function 'gen' enjoys a monotonicity property, as $\mathcal{G}_1 \sqsubseteq \mathcal{G}_2$ implies $\mathrm{gen}(\mathcal{G}_1) \subseteq \mathrm{gen}(\mathcal{G}_2)$.

The vector $v \in \mathcal{P}$ is an extreme point (or vertex) of the polyhedron $\mathcal{P}$ if it cannot be expressed as a convex combination of some other points of $\mathcal{P}$. Similarly, $r \in \mathrm{rays}(\mathcal{P})$ is an extreme ray of $\mathcal{P}$ if it cannot be expressed as a non-negative combination of some other rays of $\mathcal{P}$. It is worth stressing that, in general, the vectors in $R$ and $P$ are not the extreme rays and the vertices of the polyhedron: for instance, any half-space of has two extreme rays and no vertices, but any generator system describing it will contain at least three rays and one point.

The combination of the two approaches outlined above is the basis of the double description method due to Motzkin et al. [11], which exploits the duality principle to compute each representation starting from the other one, possibly minimizing both descriptions. Clever implementations of this conversion procedure, such as those based on the extension by Le Verge [3l| of Chernikova's algorithms H, H) IS], are the starting points for the development of software libraries based on the double description method. While being characterized by a worst-case computational cost that is exponential in the size of the input, these algorithms turn out to be practically useful for the purposes of many applications in the context of static analysis.

We denote by $\mathbb{CP}_n$ the set of all topologically closed polyhedra in $\mathbb{R}^n$, which is partially ordered by subset inclusion to form a non-complete lattice; the finitary greatest lower bound operator corresponds to intersection; the finitary least upper bound operator, denoted by '$\uplus$', corresponds to the convex polyhedral hull. Observe that if, for each $i \in \{1, 2\}$, $\mathcal{P}_i = \mathrm{gen}\bigl((R_i, P_i)\bigr)$, then the convex polyhedral hull is $\mathcal{P}_1 \uplus \mathcal{P}_2 = \mathrm{gen}\bigl((R_1 \cup R_2, P_1 \cup P_2)\bigr)$.

2.2. Not Necessarily Closed Convex Polyhedra

The linear strict inequality constraint $\beta = (\langle a, x \rangle > b)$ defines a topologically open affine half-space of $\mathbb{R}^n$. A not necessarily closed (NNC) convex polyhedron is defined by a finite system of strict and non-strict inequality constraints. Since by using lines, rays and points we can only represent topologically closed polyhedra, the key step for a parametric description of NNC polyhedra is the introduction of a new kind of generator called a closure point (3| .

Definition 2.2. (Closure point.) A vector $c \in \mathbb{R}^n$ is a closure point of $S \subseteq \mathbb{R}^n$ if and only if $c \in \mathbb{C}(S)$.

For a non-empty NNC polyhedron $\mathcal{P} \subseteq \mathbb{R}^n$, a vector $c \in \mathbb{R}^n$ is a closure point of $\mathcal{P}$ if and only if $\sigma p + (1 - \sigma) c \in \mathcal{P}$ for every point $p \in \mathcal{P}$ and every $\sigma \in \mathbb{R}$ such that $0 < \sigma < 1$. By excluding the case when $\sigma = 0$, $c$ is not forced to be in $\mathcal{P}$.

The following theorem taken from [s'l is a generalisation of Theorem 2.1 to NNC polyhedra.

Theorem 2.3. The set $\mathcal{P} \subseteq \mathbb{R}^n$ is an NNC polyhedron if and only if there exist finite sets $R, P, C \subseteq \mathbb{R}^n$ of cardinality $r$, $p$ and $c$, respectively, such that $\mathbf{0} \notin R$ and

p G R;,cr e R^,cr ^ 0, ' 

When $\mathcal{P} \neq \emptyset$, we say that $\mathcal{P}$ is described by the extended generator system $\mathcal{G} = (R, P, C)$. As was the case for closed polyhedra, the vectors in $R$ and $P$ are rays and points of $\mathcal{P}$, respectively. The condition $\sigma \neq \mathbf{0}$ ensures that at least one of the points of $P$ plays an active role in any convex combination of the vectors of $P$ and $C$. The vectors of $C$ are closure points of $\mathcal{P}$. Since both rays and closure points need a supporting point, we have $\mathcal{P} = \emptyset$ if and only if $P = \emptyset$. The partial order relation '$\sqsubseteq$' on generator systems is easily extended to also take into account the closure points component, so that the overloading of the function 'gen' still satisfies the monotonicity property.

The set of all NNC polyhedra in $\mathbb{R}^n$, denoted $\mathbb{P}_n$, is again a non-complete lattice partially ordered by subset inclusion, having $\mathbb{CP}_n$ as a sublattice. As for the set of closed polyhedra $\mathbb{CP}_n$, the finitary greatest lower bound operator corresponds to intersection; the finitary least upper bound operator, again denoted by '$\uplus$', corresponds to the not necessarily closed convex polyhedral hull. Observe that if, for each $i \in \{1, 2\}$, $\mathcal{P}_i = \mathrm{gen}\bigl((R_i, P_i, C_i)\bigr)$, then the convex polyhedral hull is $\mathcal{P}_1 \uplus \mathcal{P}_2 = \mathrm{gen}\bigl((R_1 \cup R_2, P_1 \cup P_2, C_1 \cup C_2)\bigr)$.

2.3. Subsumption and Saturation 

A point (resp., ray, closure point) $v \in \mathbb{R}^n$ is said to be subsumed by a polyhedron $\mathcal{P}$ if and only if $v$ is a point (resp., ray, closure point) of $\mathcal{P}$.

V = gen((P, P, C)) := I Rp + Pa + Cr e

Figure 1: Pictorial representations for Lemmas 3.1 and 3.5. (a) Closed polyhedra; (b) NNC polyhedra.

A (closure) point $p \in \mathbb{R}^n$ is said to saturate a constraint $\beta = (\langle a, x \rangle \bowtie b)$, where $\bowtie \in \{=, \leq, \geq, <, >\}$, if and only if $\langle a, p \rangle = b$; a ray $r \in \mathbb{R}^n$ is said to saturate the same constraint $\beta$ if and only if $\langle a, r \rangle = 0$.



3. Exact Join Detection for Convex Polyhedra 

In this section, we provide results for the exact join detection problem for 
convex polyhedra. Here we just consider the case when a double description 
representation is available; that is, in the proposed methods, we exploit both 
the constraint and the generator descriptions of the polyhedra. 

3.1. Exact Join Detection for Topologically Closed Polyhedra 

First we consider the exact join detection problem for closed polyhedra since, in this case, given any two closed polyhedra $\mathcal{P}_1, \mathcal{P}_2 \in \mathbb{CP}_n$, we have that $\mathcal{P}_1 \cup \mathcal{P}_2$ is convex if and only if $\mathcal{P}_1 \uplus \mathcal{P}_2 = \mathcal{P}_1 \cup \mathcal{P}_2$. Before stating and proving the main result for this section, we present the following lemma that establishes some simple conditions that will ensure the union of two closed polyhedra is not convex.

Lemma 3.1. Let $\mathcal{P}_1, \mathcal{P}_2 \in \mathbb{CP}_n$ be topologically closed non-empty polyhedra. Suppose there exist a constraint $\beta$ and a vector $p$ such that (1) $p$ saturates $\beta$, (2) $\beta$ is satisfied by $\mathcal{P}_1$ but violated by $\mathcal{P}_2$, and (3) $p \in \mathcal{P}_1 \setminus \mathcal{P}_2$. Then, $\mathcal{P}_1 \cup \mathcal{P}_2$ is not convex.



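Proof. (See also Figure 1(a).) By (2), there exists a point $p_2 \in \mathcal{P}_2$ that violates $\beta$. Consider the closed line segment $s := [p, p_2]$; by (1), the one and only point on this segment that satisfies $\beta$ is $p$; by (3), $p \in \mathcal{P}_1$ so that $s \subseteq \mathcal{P}_1 \uplus \mathcal{P}_2$. Also by (3), $p \notin \mathcal{P}_2$, so that there exists a non-strict constraint $\beta_2$ that is satisfied by $\mathcal{P}_2$ but violated by $p$. Since $p_2 \in \mathcal{P}_2$, there exists a vector $q \in s$ that saturates $\beta_2$ and $q \neq p$. It follows that the open line segment $s_1 := (p, q)$ is non-empty and every point in $s_1$ violates both $\beta$ and $\beta_2$; hence $s_1 \cap \mathcal{P}_1 = s_1 \cap \mathcal{P}_2 = \emptyset$. However, by construction,

$$(p, q) \subset [p, p_2] \subseteq \mathcal{P}_1 \uplus \mathcal{P}_2,$$

so that $\mathcal{P}_1 \uplus \mathcal{P}_2 \neq \mathcal{P}_1 \cup \mathcal{P}_2$. Therefore $\mathcal{P}_1 \cup \mathcal{P}_2$ is not convex. □

Theorem 3.2. Let $\mathcal{P}_1, \mathcal{P}_2 \in \mathbb{CP}_n$ be topologically closed non-empty polyhedra, where $\mathcal{P}_1 = \mathrm{con}(\mathcal{C}_1) = \mathrm{gen}(\mathcal{G}_1)$. Then $\mathcal{P}_1 \uplus \mathcal{P}_2 \neq \mathcal{P}_1 \cup \mathcal{P}_2$ if and only if there exist a constraint $\beta_1 \in \mathcal{C}_1$ and a generator $g_1$ in $\mathcal{G}_1$ such that (1) $g_1$ saturates $\beta_1$, (2) $\mathcal{P}_2$ violates $\beta_1$, and (3) $\mathcal{P}_2$ does not subsume $g_1$.

Proof. Suppose first that $\mathcal{P}_1 \uplus \mathcal{P}_2 \neq \mathcal{P}_1 \cup \mathcal{P}_2$. As '$\uplus$' is the least upper bound operator for closed polyhedra, there exist points $p_1 \in \mathcal{P}_1 \setminus \mathcal{P}_2$ and $p_2 \in \mathcal{P}_2 \setminus \mathcal{P}_1$ such that

$$[p_1, p_2] \nsubseteq (\mathcal{P}_1 \cup \mathcal{P}_2).$$

As $p_1 \in \mathcal{P}_1$, there exists a point

$$p := (1 - \sigma) p_1 + \sigma p_2 \in [p_1, p_2] \cap \mathcal{P}_1$$

such that $\sigma \in$ is maximal (note that, by convexity, $\sigma < 1$); then $p$ must saturate a constraint $\beta_1 \in \mathcal{C}_1$. Moreover $p \notin \mathcal{P}_2$ since, otherwise, we would have $[p_1, p] \subseteq \mathcal{P}_1$ and $[p, p_2] \subseteq \mathcal{P}_2$, contradicting $[p_1, p_2] \nsubseteq \mathcal{P}_1 \cup \mathcal{P}_2$. Hence $p_2$ does not satisfy $\beta_1$ so that $\mathcal{P}_2$ violates $\beta_1$. Let $\mathcal{G}'_1$ be the generator system containing all the points and rays in $\mathcal{G}_1$ that saturate $\beta_1$. Then $p \in \mathrm{gen}(\mathcal{G}'_1)$. By Theorem 2.1, as $p \notin \mathcal{P}_2$, there is a point or ray $g_1$ in $\mathcal{G}'_1$ that is not subsumed by $\mathcal{P}_2$. Hence conditions (1), (2) and (3) are all satisfied.

Suppose now that there exist a constraint $\beta_1 \in \mathcal{C}_1$ and a generator $g_1$ in $\mathcal{G}_1$ such that conditions (1), (2) and (3) hold. Then, as $\mathcal{P}_1 = \mathrm{con}(\mathcal{C}_1)$, $\beta_1$ is satisfied by $\mathcal{P}_1$. If $g_1 := p_1$ is a point, then, by letting $\beta := \beta_1$ and $p := p_1$ in Lemma 3.1, the required three conditions hold so that $\mathcal{P}_1 \cup \mathcal{P}_2$ is not convex. Now suppose that $g_1 := r_1$ is a ray for $\mathcal{P}_1$. Suppose there exists a point $p'_1 \in \mathcal{P}_1$ that saturates the constraint $\beta_1$. By condition (3), $r_1$ is not a ray for $\mathcal{P}_2$; hence for some $\rho \in \mathbb{R}_+$ there exists a point $p_1 := p'_1 + \rho r_1 \in \mathcal{P}_1 \setminus \mathcal{P}_2$ that also saturates $\beta_1$. Hence, letting $\beta := \beta_1$ and $p := p_1$ in Lemma 3.1, the required three conditions hold so that $\mathcal{P}_1 \cup \mathcal{P}_2$ is not convex. Otherwise, no point in $\mathcal{P}_1$ saturates $\beta_1$.^ Suppose, for some $a \in \mathbb{R}^n$ and $b \in \mathbb{R}$, $\beta_1 = (\langle a, x \rangle \bowtie b)$; then, since $\mathcal{P}_1 \neq \emptyset$, there exist a point $p'_1 \in \mathcal{P}_1$ and a constraint $\beta'_1 := (\langle a, x \rangle \bowtie b')$ such that $\mathcal{P}_1$ satisfies $\beta'_1$ and $p'_1$ saturates $\beta'_1$; note that $\beta'_1$ is also saturated by ray $r_1$. Thus we can construct, as done above, a point $p_1 := p'_1 + \rho r_1 \in \mathcal{P}_1 \setminus \mathcal{P}_2$ that saturates $\beta'_1$. Hence, letting $\beta := \beta'_1$ and $p := p_1$ in Lemma 3.1, the required three conditions hold so that $\mathcal{P}_1 \cup \mathcal{P}_2$ is not convex. Therefore, in all cases, $\mathcal{P}_1 \uplus \mathcal{P}_2 \neq \mathcal{P}_1 \cup \mathcal{P}_2$. □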

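Example 3.3. Consider the closed polyhedra

$$\mathcal{P}_1 = \mathrm{con}(\mathcal{C}_1) = \mathrm{con}\bigl(\{x_1 \geq 0,\ x_2 \geq 0,\ x_1 + x_2 \leq 2\}\bigr) = \mathrm{gen}(\mathcal{G}_1) = \mathrm{gen}\bigl((\emptyset, P)\bigr),$$

$$\mathcal{P}_2 = \mathrm{con}(\mathcal{C}_2) = \mathrm{con}\bigl(\{x_1 \leq 2,\ x_2 \geq 0,\ x_1 - x_2 \geq 0\}\bigr),$$

where $P = \{(0, 0)^{\mathrm{T}}, (2, 0)^{\mathrm{T}}, (0, 2)^{\mathrm{T}}\}$. Then

$$\mathcal{P}_1 \uplus \mathcal{P}_2 = \mathrm{con}\bigl(\{x_1 \geq 0,\ x_2 \geq 0,\ x_1 \leq 2,\ x_2 \leq 2\}\bigr)$$

so that $(1, 1)^{\mathrm{T}} \in (\mathcal{P}_1 \uplus \mathcal{P}_2) \setminus (\mathcal{P}_1 \cup \mathcal{P}_2)$ and, hence, $\mathcal{P}_1 \uplus \mathcal{P}_2 \neq \mathcal{P}_1 \cup \mathcal{P}_2$. In Theorem 3.2, let $\beta_1 = (x_1 + x_2 \leq 2)$ and $g_1 = (0, 2)^{\mathrm{T}}$. Then conditions (1), (2) and (3) are all satisfied.

^This may happen because we made no minimality assumption on the constraint system $\mathcal{C}_1$, so that $\beta_1$ may be redundant.

Figure 2: The convex polyhedral hull of NNC polyhedra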

For each $i \in \{1, 2\}$, let $l_i$ and $m_i$ denote the number of constraints in $\mathcal{C}_i$ and generators in $\mathcal{G}_i$, respectively. Then, the worst-case complexity of an algorithm based on Theorem 3.2, computed by summing the complexities for checking each of the conditions (1), (2) and (3), is in $O\bigl(n(l_1 m_1 + l_1 m_2 + l_2 m_1)\bigr)$. Notice that the complexity bound is not symmetric so that, if $l_1 m_1 \gg l_2 m_2$ holds, then an efficiency improvement can be obtained by exchanging the roles of $\mathcal{P}_1$ and $\mathcal{P}_2$ in the theorem. In all cases, an improvement is obtained with respect to the $O\bigl(n(l_1 + l_2) m_1 m_2\bigr)$ complexity bound of Algorithm 7.1 in [14].
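The check of Theorem 3.2 can be written directly against a double description. The following is an added example, not code from the paper or from the Parma Polyhedra Library: the class and function names are hypothetical, every constraint is stored as a pair (a, b) meaning ⟨a, x⟩ ≤ b, the vertices of the second polyhedron of Example 3.3 are worked out here from its constraints, and the two extra polyhedra pairs are constructed sample inputs.

```python
from fractions import Fraction


def dot(a, v):
    """Scalar product <a, v> in exact rational arithmetic."""
    return sum(Fraction(x) * Fraction(y) for x, y in zip(a, v))


class ClosedPolyhedron:
    """Double description of a non-empty closed polyhedron (hypothetical helper).

    constraints: list of (a, b), each meaning <a, x> <= b
    points, rays: the generator system (R, P) of Theorem 2.1
    """

    def __init__(self, constraints, points, rays=()):
        if not points:
            raise ValueError("Theorem 3.2 assumes non-empty polyhedra")
        self.constraints = list(constraints)
        self.points = list(points)
        self.rays = list(rays)

    def generators(self):
        for p in self.points:
            yield "point", p
        for r in self.rays:
            yield "ray", r

    def cost(self):
        """l_i * m_i, the term that makes the complexity bound asymmetric."""
        return len(self.constraints) * (len(self.points) + len(self.rays))

    def violates(self, constraint):
        """True if the polyhedron is not contained in <a, x> <= b."""
        a, b = constraint
        return (any(dot(a, p) > b for p in self.points)
                or any(dot(a, r) > 0 for r in self.rays))

    def subsumes(self, kind, g):
        """True if g is a point (resp. ray) of the polyhedron."""
        if kind == "point":
            return all(dot(a, g) <= b for a, b in self.constraints)
        return all(dot(a, g) <= 0 for a, _ in self.constraints)


def saturates(kind, g, constraint):
    """A point saturates when <a, g> = b, a ray when <a, g> = 0."""
    a, b = constraint
    return dot(a, g) == (b if kind == "point" else 0)


def inexact_join_witness(p1, p2):
    """Return (beta_1, kind, g_1) meeting conditions (1)-(3), else None."""
    for beta in p1.constraints:
        if not p2.violates(beta):                      # condition (2)
            continue
        for kind, g in p1.generators():
            # conditions (1) and (3)
            if saturates(kind, g, beta) and not p2.subsumes(kind, g):
                return beta, kind, g
    return None


def join_is_exact(p1, p2):
    """True iff the convex polyhedral hull of p1 and p2 equals their union."""
    if p1.cost() > p2.cost():      # exchange roles, as the complexity remark suggests
        p1, p2 = p2, p1
    return inexact_join_witness(p1, p2) is None


# Example 3.3: constraints as on the page; P2's vertices are derived here.
EX33_P1 = ClosedPolyhedron([((-1, 0), 0), ((0, -1), 0), ((1, 1), 2)],
                           [(0, 0), (2, 0), (0, 2)])
EX33_P2 = ClosedPolyhedron([((1, 0), 2), ((0, -1), 0), ((-1, 1), 0)],
                           [(0, 0), (2, 0), (2, 2)])

# Constructed inputs: two unit squares sharing an edge (exact join) ...
LEFT = ClosedPolyhedron([((-1, 0), 0), ((1, 0), 1), ((0, -1), 0), ((0, 1), 1)],
                        [(0, 0), (1, 0), (0, 1), (1, 1)])
RIGHT = ClosedPolyhedron([((-1, 0), -1), ((1, 0), 2), ((0, -1), 0), ((0, 1), 1)],
                         [(1, 0), (2, 0), (1, 1), (2, 1)])
# ... and three unbounded quadrants, described with rays.
QUAD1 = ClosedPolyhedron([((-1, 0), 0), ((0, -1), 0)], [(0, 0)], [(1, 0), (0, 1)])
QUAD2 = ClosedPolyhedron([((1, 0), 0), ((0, -1), 0)], [(0, 0)], [(-1, 0), (0, 1)])
QUAD3 = ClosedPolyhedron([((1, 0), 0), ((0, 1), 0)], [(0, 0)], [(-1, 0), (0, -1)])
```

On Example 3.3 the witness found is the constraint $x_1 + x_2 \leq 2$ with the point $(0, 2)^{\mathrm{T}}$, the same pair the example names; for the first and third quadrants the witness is a ray, which exercises the ray case of the proof.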



3.2. Exact Join Detection for Not Necessarily Closed Polyhedra 

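We now consider the exact join detection problem for two NNC polyhedra $\mathcal{P}_1, \mathcal{P}_2 \in \mathbb{P}_n$; in this case, it can happen that $\mathcal{P}_1 \uplus \mathcal{P}_2 \neq \mathcal{P}_1 \cup \mathcal{P}_2$ although the union $\mathcal{P}_1 \cup \mathcal{P}_2$ is convex.

Example 3.4. Consider the NNC polyhedra $\mathcal{P}$ and $\mathcal{Q}$ in Figure 2(a), where $\mathcal{P}$ is the open rectangle $ABCD$ and $\mathcal{Q}$ is the single point $E$. The union $\mathcal{P} \cup \mathcal{Q}$ is convex but it is not an NNC polyhedron: the convex polyhedral hull $\mathcal{P} \uplus \mathcal{Q}$ (see Figure 2(c)) also contains the line segment $(B, C)$ and hence $\mathcal{P} \uplus \mathcal{Q} \neq \mathcal{P} \cup \mathcal{Q}$. On the other hand, if we now consider $\mathcal{P}$ and $\mathcal{Q}'$, as shown in Figure 2(b), where $\mathcal{Q}'$ is the line segment $(B, C)$, then the convex polyhedral hull $\mathcal{P} \uplus \mathcal{Q}'$ is such that $\mathcal{P} \uplus \mathcal{Q}' = \mathcal{P} \uplus \mathcal{Q} = \mathcal{P} \cup \mathcal{Q}'$.

Before stating and proving the main result for this section, we present a lemma similar to Lemma 3.1 but generalized so as to apply to NNC polyhedra.

Lemma 3.5. Let $\mathcal{P}_1, \mathcal{P}_2 \in \mathbb{P}_n$ be non-empty polyhedra. Suppose that there exist a constraint $\beta$ and a vector $p$ such that (1) $p$ saturates $\beta$, (2) $\beta$ is satisfied by $\mathcal{P}_1$ but violated by $\mathcal{P}_2$, and (3) $p \in \mathbb{C}(\mathcal{P}_1) \setminus \mathbb{C}(\mathcal{P}_2)$. Then $\mathcal{P}_1 \uplus \mathcal{P}_2 \neq \mathcal{P}_1 \cup \mathcal{P}_2$.

Proof. (See also Figures 1(a) and 1(b).) By (2), there exists a point $p_2 \in \mathcal{P}_2$ that violates $\beta$. Consider the line segment $s := (p, p_2]$; by (1), no point on $s$ satisfies $\beta$; by (3), $p \in \mathbb{C}(\mathcal{P}_1)$ so that $s \subseteq \mathcal{P}_1 \uplus \mathcal{P}_2$. Also, by (3), $p \notin \mathbb{C}(\mathcal{P}_2)$ so that there exists a constraint $\beta_2$ that is satisfied by $\mathbb{C}(\mathcal{P}_2)$ but violated by $p$. Since $p \notin \mathcal{P}_2$ and $p_2 \in \mathcal{P}_2$, there exists a vector $q \in s$ that saturates $\beta_2$. It follows that, as $q \neq p$, the open line segment $s_1 := (p, q)$ is non-empty and every point in $s_1$ violates both $\beta$ and $\beta_2$; hence $s_1 \cap \mathcal{P}_1 = s_1 \cap \mathcal{P}_2 = \emptyset$. However, by construction,

$$(p, q) \subset (p, p_2] \subseteq (\mathcal{P}_1 \uplus \mathcal{P}_2),$$

so that $\mathcal{P}_1 \uplus \mathcal{P}_2 \neq \mathcal{P}_1 \cup \mathcal{P}_2$. □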

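Theorem 3.6. For $i \in \{1, 2\}$, let $\mathcal{P}_i = \mathrm{con}(\mathcal{C}_i) = \mathrm{gen}(\mathcal{G}_i) \in \mathbb{P}_n$ be non-empty polyhedra. Then $\mathcal{P}_1 \uplus \mathcal{P}_2 \neq \mathcal{P}_1 \cup \mathcal{P}_2$ if and only if, for some $i, j \in \{1, 2\}$, $i \neq j$, there exists a generator $g_i$ in $\mathcal{G}_i$ that saturates a constraint $\beta_i \in \mathcal{C}_i$ violated by $\mathcal{P}_j$ and at least one of the following hold:

(1) $g_i$ is a ray or closure point in $\mathcal{G}_i$ that is not subsumed by $\mathcal{P}_j$;

(2) $g_i$ is a point in $\mathcal{G}_i$, $\beta_i$ is non-strict and $g_i \notin \mathbb{C}(\mathcal{P}_j)$;

(3) $\beta_i$ is strict and saturated by a point $p \in (\mathcal{P}_1 \uplus \mathcal{P}_2) \setminus \mathcal{P}_j$.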

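Proof. Suppose first that $\mathcal{P}_1 \uplus \mathcal{P}_2 \neq \mathcal{P}_1 \cup \mathcal{P}_2$. As '$\uplus$' is the least upper bound operator for NNC polyhedra, it follows from the note following Definition 2.2 that, for some $i, j \in \{1, 2\}$, $i \neq j$, there exists a closure point $p_i$ of $\mathcal{P}_i$ and a point $p_j \in \mathcal{P}_j$ such that

$$(p_i, p_j] \nsubseteq \mathcal{P}_1 \cup \mathcal{P}_2.$$

For ease of notation, we will assume that $i = 1$ and $j = 2$; the other case follows by a symmetrical argument. As $p_1 \in \mathbb{C}(\mathcal{P}_1)$, there exists a point

$$p := (1 - \sigma) p_1 + \sigma p_2 \in [p_1, p_2] \cap \mathbb{C}(\mathcal{P}_1)$$

such that $\sigma \in$ is maximal (note that, by convexity, $\sigma < 1$); then $p \in \mathcal{P}_1 \uplus \mathcal{P}_2$ and saturates a constraint $\beta_1 \in \mathcal{C}_1$ where $\beta_1$ is strict if $p \notin \mathcal{P}_1$. Note that $p \notin \mathcal{P}_2$ since, otherwise, we would have $(p_1, p) \subseteq \mathcal{P}_1$ and $[p, p_2] \subseteq \mathcal{P}_2$, contradicting $(p_1, p_2] \nsubseteq \mathcal{P}_1 \cup \mathcal{P}_2$. Moreover, if $p \in \mathcal{P}_1$, $p \notin \mathbb{C}(\mathcal{P}_2)$ since, otherwise, we would have $(p_1, p] \subseteq \mathcal{P}_1$ and $(p, p_2] \subseteq \mathcal{P}_2$, again contradicting $(p_1, p_2] \nsubseteq \mathcal{P}_1 \cup \mathcal{P}_2$.

Let $\mathcal{G}'_1 = (R'_1, P'_1, C'_1)$ be the system of all the generators in $\mathcal{G}_1$ that saturate $\beta_1$ so that $p \in \mathrm{gen}\bigl((R'_1, P'_1 \cup C'_1, \emptyset)\bigr)$. Suppose condition (1) does not hold; that is, suppose that all the rays in $R'_1$ are subsumed by $\mathcal{P}_2$ and $C'_1 \subseteq \mathbb{C}(\mathcal{P}_2)$. If $\beta_1$ is non-strict, $p \in \mathcal{P}_1$ so that $p \notin \mathbb{C}(\mathcal{P}_2)$; hence, by Theorem 2.3, there must exist a generator point $g_1 \in P'_1 \setminus \mathbb{C}(\mathcal{P}_2)$ and condition (2) holds. If, instead, $\beta_1$ is strict, then, since $p \in \mathcal{P}_1 \uplus \mathcal{P}_2$, $p \notin \mathcal{P}_2$ and $p$ saturates $\beta_1$, condition (3) holds.

Suppose now that, for some $i, j \in \{1, 2\}$, $i \neq j$, there exists a generator $g_i$ in $\mathcal{G}_i$ that saturates a constraint $\beta_i \in \mathcal{C}_i$ violated by $\mathcal{P}_j$ and condition (1), (2) or (3) holds. As before, we assume that $i = 1$ and $j = 2$, since the other case follows by a symmetrical argument. Let $\beta_1 = (\langle a, x \rangle \bowtie b)$ where $\bowtie \in \{<, \leq\}$.

Suppose condition (1) holds, so that $g_1$ is a closure point or ray that is not subsumed by $\mathcal{P}_2$. Consider first the case when $g_1$ is a closure point in $\mathcal{G}_1$ so that $g_1 \notin \mathbb{C}(\mathcal{P}_2)$. Then, by letting $\beta := \beta_1$ and $p := g_1$ in Lemma 3.5, it follows that $\mathcal{P}_1 \uplus \mathcal{P}_2 \neq \mathcal{P}_1 \cup \mathcal{P}_2$. Consider now the case when $g_1$ is a ray in $\mathcal{G}_1$. Since $\mathcal{P}_1 \neq \emptyset$, there exist a point $p'_1 \in \mathbb{C}(\mathcal{P}_1)$ and a constraint $\beta'_1 := (\langle a, x \rangle \leq \langle a, p'_1 \rangle)$ such that $\mathcal{P}_1$ satisfies $\beta'_1$; note that, by definition, $\beta'_1$ is saturated by the point $p'_1$ and the ray $g_1$.^ Therefore, for some $\rho \in \mathbb{R}_+$, the point $p_1 := p'_1 + \rho g_1 \notin \mathbb{C}(\mathcal{P}_2)$; hence, as $p_1 \in \mathbb{C}(\mathcal{P}_1)$ and saturates $\beta'_1$, by letting $\beta := \beta'_1$ and $p := p_1$ in Lemma 3.5, it follows that $\mathcal{P}_1 \uplus \mathcal{P}_2 \neq \mathcal{P}_1 \cup \mathcal{P}_2$. If condition (2) holds, then $g_1$ is a point in $\mathcal{G}_1$ (so that $g_1 \in \mathcal{P}_1$) and $g_1 \notin \mathbb{C}(\mathcal{P}_2)$. Then, by letting $\beta := \beta_1$ and $p := g_1$ in Lemma 3.5, it follows that $\mathcal{P}_1 \uplus \mathcal{P}_2 \neq \mathcal{P}_1 \cup \mathcal{P}_2$. Finally suppose that condition (3) holds. In this case $\beta_1$ is strict, so that $p \notin \mathcal{P}_1$, and hence $p \in (\mathcal{P}_1 \uplus \mathcal{P}_2) \setminus (\mathcal{P}_1 \cup \mathcal{P}_2)$; therefore $\mathcal{P}_1 \uplus \mathcal{P}_2 \neq \mathcal{P}_1 \cup \mathcal{P}_2$. □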



Observe that the conditions stated for the NNC case in Theorem 3.6 are more involved than the conditions stated for the topologically closed case in Theorem 3.2. In particular, a direct correspondence can only be found for condition (2) of Theorem 3.6. The added complexity, which naturally propagates to the corresponding implementation, is justified by the need to properly capture special cases where, as said above, convexity alone is not sufficient.

In particular, the check for condition (3) in Theorem 3.6 is more expensive than the other checks and hence should be delayed as much as possible. Writing $\mathcal{H}(\beta)$ to denote the affine hyperplane induced by constraint $\beta$,^ condition (3) can be implemented by checking that $(\mathcal{P}_1 \uplus \mathcal{P}_2) \cap \mathcal{H}(\beta_i) \subseteq \mathcal{P}_j \cap \mathcal{H}(\beta_i)$ does not hold. Even though it is possible to identify cases where optimizations apply, in the general case the inclusion test above will require the application of the (incremental) conversion procedure for NNC polyhedra representations.

In the following, we provide a few examples showing cases when conditions (1) and (3) of Theorem 3.6 come into play.

Example 3.7 (Condition (1) of Theorem 3.6). We first show how
condition (1) of Theorem 3.6, where $g_i$ is a closure point, can properly discriminate
between the two cases illustrated in Figures 2(a) and 2(b).

Consider the polyhedra $\mathcal{P}$ and $\mathcal{Q}$ in Figure 2(a) and assume that the line
segment $(B, C)$ satisfies the constraint $x_1 = 4$. In the statement of Theorem 3.6,
let $\mathcal{P}_1 = \mathcal{P}$, $\mathcal{P}_2 = \mathcal{Q}$, $i = 1$, $j = 2$, $\beta_1 = (x_1 < 4) \in \mathcal{C}_1$ and $g_1 = B$ be a closure
point in $\mathcal{G}_1$. Then $\beta_1$ is violated by $\mathcal{P}_2$ and saturated by $g_1$, but $g_1$ is not
subsumed by $\mathcal{P}_2$. Hence condition (1) of Theorem 3.6 holds and we correctly
conclude that $\mathcal{P} \uplus \mathcal{Q} \neq \mathcal{P} \cup \mathcal{Q}$.

On the other hand, if we consider polyhedra $\mathcal{P}$ and $\mathcal{Q}'$ in Figure 2(b) and
let $\mathcal{P}_1 = \mathcal{P}$ and $\mathcal{P}_2 = \mathcal{Q}'$, then the closure point $g_1 = B$ is subsumed by $\mathcal{P}_2$ so
that condition (1) of Theorem 3.6 does not hold.



Footnote: The $\langle a, p'_1 \rangle$ may differ from $b$ because we made no minimality assumption on the constraint
system $\mathcal{C}_1$, so that $\beta_1$ may be redundant.

Footnote: Namely, if $\beta = (\langle a, x \rangle \bowtie b)$, then $\mathcal{H}(\beta) = \operatorname{con}(\{\langle a, x \rangle = b\})$.

Figure 3: More examples for the convex polyhedral hull of NNC polyhedra



Note that such a discrimination could not be obtained by checking only
condition (2) of Theorem 3.6. If we swap the indices $i$ and $j$ so that $i = 2$,
$j = 1$, letting $\beta_2 = (x_1 \ge 4) \in \mathcal{C}_2$ and $g_2 = E$ be a point in $\mathcal{G}_2$, then $g_2 \in \mathbb{C}(\mathcal{P})$
and $\beta_2$ is a non-strict constraint of both $\mathcal{Q}$ and $\mathcal{Q}'$ violated by $\mathcal{P}$ and saturated
by point $g_2$; hence condition (2) does not hold for both $\mathcal{P}_2 = \mathcal{Q}$ and for $\mathcal{P}_2 = \mathcal{Q}'$.

For an example of an application of condition (1) of Theorem 3.6 when $g_i$ is
a ray, consider $\mathcal{Q}_1$ and $\mathcal{Q}_2$ in Figure 3(a), where $\mathcal{Q}_1 = \operatorname{con}(\{2 < x_1 < 4\})$ is an
unbounded strip and $\mathcal{Q}_2 = \{A\}$ is a singleton, with $A = (4, 2)^{\mathrm{T}}$. It can be seen
that $\mathcal{Q}_1 \uplus \mathcal{Q}_2$, the polyhedron in Figure 3(d), contains the point $B = (4, 0)^{\mathrm{T}}$
which is not a point in $\mathcal{Q}_1$ or $\mathcal{Q}_2$, so that $\mathcal{Q}_1 \uplus \mathcal{Q}_2 \neq \mathcal{Q}_1 \cup \mathcal{Q}_2$. In the statement
of Theorem 3.6, let $\mathcal{P}_1 = \mathcal{Q}_1$, $\mathcal{P}_2 = \mathcal{Q}_2$, $i = 1$, $j = 2$, $\beta_1 = (x_1 < 4) \in \mathcal{C}_1$ and
$g_1 = (0, 1)^{\mathrm{T}}$ be a ray in $\mathcal{G}_1$. Then $\beta_1$ is violated by $\mathcal{P}_2$ and saturated by the ray
$g_1$; but $g_1$ is not subsumed by $\mathcal{P}_2$ so that condition (1) of Theorem 3.6 holds.



Example 3.8 (Condition (3) of Theorem 3.6). This example shows how
condition (3) of Theorem 3.6 can properly discriminate between the two cases
illustrated in Figures 3(b) and 3(c).

Consider the polyhedra $\mathcal{Q}_3$ and $\mathcal{Q}_4$ in Figure 3(b), where $\mathcal{Q}_3$ is the open
rectangle $ABCD$, with the open bound $(B, C)$ defined by the strict constraint
$x_1 < 3$, whereas $\mathcal{Q}_4$ is the open rectangle $BEFC$. Then $B = (3, 1)^{\mathrm{T}}$ and
$C = (3, 5)^{\mathrm{T}}$ are closure points for both $\mathcal{Q}_3$ and $\mathcal{Q}_4$. It can be seen that $\mathcal{Q}_3 \uplus \mathcal{Q}_4$,
the polyhedron in Figure 3(e), contains the open line segment $(B, C)$ so that
$\mathcal{Q}_3 \uplus \mathcal{Q}_4 \neq \mathcal{Q}_3 \cup \mathcal{Q}_4$. In the statement of Theorem 3.6, let $\mathcal{P}_1 = \mathcal{Q}_3$, $\mathcal{P}_2 = \mathcal{Q}_4$,
$i = 1$, $j = 2$, $\beta_1 = (x_1 < 3) \in \mathcal{C}_1$ and $g_1 = B$ be a closure point in $\mathcal{G}_1$. Then $\beta_1$
is violated by $\mathcal{P}_2$ and saturated by the closure point $g_1$. Although condition (1)
does not hold because $g_1$ is subsumed by $\mathcal{P}_2$, condition (3) does hold since $\beta_1$
is strict and, taking $p = G \in (B, C)$, we have $p \in (\mathcal{P}_1 \uplus \mathcal{P}_2) \setminus \mathcal{P}_2$.

It is worth stressing that none of the (closure) points in the open segment
$(B, C)$ belong to the generator systems of $\mathcal{P}_1$ and $\mathcal{P}_2$. The reader is also warned
that, even though in this particular example $\mathcal{P}_1$, $\mathcal{P}_2$ and the segment $(B, C)$ are
pairwise disjoint (which trivially implies that the join $\mathcal{P}_1 \uplus \mathcal{P}_2$ is inexact), such
a property would not generalize to higher dimensional vector spaces and hence
it cannot be used as a replacement for condition (3) in Theorem 3.6.

Consider the polyhedra $\mathcal{Q}_5$ and $\mathcal{Q}_6$ in Figure 3(c), where $\mathcal{Q}_5$ is the
quadrilateral $ABCD$ and $\mathcal{Q}_6$ is the quadrilateral $EFGC$. Then the convex polyhedral
hull $\mathcal{Q}_5 \uplus \mathcal{Q}_6$ shown in Figure 3(f) is equal to their union $\mathcal{Q}_5 \cup \mathcal{Q}_6$. In the
statement of Theorem 3.6, let $\mathcal{P}_1 = \mathcal{Q}_5$, $\mathcal{P}_2 = \mathcal{Q}_6$, $i = 1$, $j = 2$, $\beta_1 \in \mathcal{C}_1$ be the
strict constraint defining the dashed line boundary $[B, C)$ and $g_1$ be the closure
point $C$ in both $\mathcal{P}_1$ and $\mathcal{P}_2$. Then none of the conditions in Theorem 3.6 hold.



4. Exact Join Detection for Boxes and Other Cartesian Products 

A rational interval constraint for a dimension $i \in \{1, \ldots, n\}$ has the form
$x_i \bowtie b$, where ${\bowtie} \in \{<, \le, =, \ge, >\}$ and $b \in \mathbb{Q}$. A finite system of rational
interval constraints defines an NNC polyhedron in $\mathbb{P}_n$ that we call a rational
box; the set of all rational boxes in the n-dimensional vector space is denoted
$\mathbb{B}_n$ and is a meet-sublattice of $\mathbb{P}_n$. The domain $\mathbb{B}_n$ so defined can be seen as the
Cartesian product of $n$ possibly infinite intervals with rational, possibly open
boundaries. If we denote by $\mathbb{I}$ the set of such intervals and by '$\oplus$' the binary join
operator over the bounded join-semilattice $(\mathbb{I}, \subseteq)$, we have, for each $B_1, B_2 \in \mathbb{B}_n$,

$$B_1 \uplus B_2 = \bigl(\pi_1(B_1) \oplus \pi_1(B_2)\bigr) \times \cdots \times \bigl(\pi_n(B_1) \oplus \pi_n(B_2)\bigr).$$

The following theorem defines a necessary and sufficient condition that is
only based on '$\oplus$' and on the subset ordering over $\mathbb{I}$. Notice, in particular, that
convexity does not play any role, neither in the statement, nor in the proof.

Theorem 4.1. Let $B_1, B_2 \in \mathbb{B}_n$. Then $B_1 \uplus B_2 \neq B_1 \cup B_2$ if and only if

1. $\exists i \in \{1, \ldots, n\} \mathrel{.} \pi_i(B_1) \oplus \pi_i(B_2) \neq \pi_i(B_1) \cup \pi_i(B_2)$; or

2. $\exists i, j \in \{1, \ldots, n\} \mathrel{.} i \neq j \land \pi_i(B_1) \nsubseteq \pi_i(B_2) \land \pi_j(B_2) \nsubseteq \pi_j(B_1)$.

Proof. Suppose that $B_1 = \emptyset$ so that, for each $i \in \{1, \ldots, n\}$, $\pi_i(B_1) = \emptyset$.
Then, neither condition (1) nor condition (2) can hold, so that the lemma holds.
By a symmetric reasoning, the lemma holds if $B_2 = \emptyset$. Hence, in the following
we assume that both $B_1$ and $B_2$ are non-empty boxes.

Suppose first that $B_1 \uplus B_2 \neq B_1 \cup B_2$; then there exists a point $p \in B_1 \uplus B_2$
such that $p \notin B_1$ and $p \notin B_2$. Hence, for some $i, j \in \{1, \ldots, n\}$, we have
that $p_i \notin \pi_i(B_1)$ and $p_j \notin \pi_j(B_2)$. Note that as $p \in B_1 \uplus B_2$, we also have
$p_i \in \pi_i(B_1) \oplus \pi_i(B_2)$ and $p_j \in \pi_j(B_1) \oplus \pi_j(B_2)$. Suppose that condition (1)
does not hold. Then $p_i \in \pi_i(B_2)$ and $p_j \in \pi_j(B_1)$; hence we must have $i \neq j$ and
$p_j \in \pi_j(B_1) \setminus \pi_j(B_2)$ and $p_i \in \pi_i(B_2) \setminus \pi_i(B_1)$; implying that $\pi_j(B_1) \nsubseteq \pi_j(B_2)$
and $\pi_i(B_2) \nsubseteq \pi_i(B_1)$, so that condition (2) holds.

Assuming that condition (1) or (2) holds, we now prove $B_1 \uplus B_2 \neq B_1 \cup B_2$.
First, suppose that condition (1) holds. Then there exists $v \in \pi_i(B_1 \uplus B_2)$
such that $v \notin \pi_i(B_1)$ and $v \notin \pi_i(B_2)$. By definition of $\pi_i$, there exists a point
$p \in B_1 \uplus B_2$ such that $\pi_i(p) = v$, so that $p \notin B_1$ and $p \notin B_2$; therefore
$B_1 \uplus B_2 \neq B_1 \cup B_2$. Secondly, suppose that condition (2) holds. Then there
exist values $v_i \in \pi_i(B_1) \setminus \pi_i(B_2)$ and $v_j \in \pi_j(B_2) \setminus \pi_j(B_1)$; hence, there exist
points $p_i \in B_1$ and $p_j \in B_2$ such that $\pi_i(p_i) = v_i$ and $\pi_j(p_j) = v_j$. Let $p$
be such that $\pi_k(p) = \pi_k(p_i)$, for all $k \in \{1, \ldots, n\} \setminus \{j\}$, and $\pi_j(p) = v_j$;
then $p \notin B_1 \cup B_2$. By definition of the '$\uplus$' operator, $p \in B_1 \uplus B_2$, so that
$B_1 \uplus B_2 \neq B_1 \cup B_2$. □

Example 4.2. Consider the topologically closed boxes 

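$$B_1 = \operatorname{con}(\{0 \le x_1 \le 1,\ 0 \le x_2 \le 2\}),$$
$$B_2 = \operatorname{con}(\{3 \le x_1 \le 4,\ 0 \le x_2 \le 2\}),$$
$$B_3 = \operatorname{con}(\{0 \le x_1 \le 4,\ 1 \le x_2 \le 2\}).$$

Then we obtain

$$B_1 \uplus B_2 = B_1 \uplus B_3 = \operatorname{con}(\{0 \le x_1 \le 4,\ 0 \le x_2 \le 2\}).$$

Letting $p = (2, 0)^{\mathrm{T}}$, we have $p \in B_1 \uplus B_2$ although $p \notin B_1 \cup B_2 \cup B_3$; hence
$B_1 \uplus B_2 \neq B_1 \cup B_2$ and $B_1 \uplus B_3 \neq B_1 \cup B_3$, i.e., both join computations are
inexact. Observe that

$$\pi_1(B_1) \oplus \pi_1(B_2) \neq \pi_1(B_1) \cup \pi_1(B_2),$$

so that, for boxes $B_1$ and $B_2$, condition (1) holds; on the other hand we have

$$\pi_1(B_3) \nsubseteq \pi_1(B_1) \quad\text{and}\quad \pi_2(B_1) \nsubseteq \pi_2(B_3),$$

so that, for boxes $B_1$ and $B_3$, condition (2) holds.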

This result has been introduced for rational boxes for simplicity only.
Indeed, it trivially generalizes to any Cartesian product of 1-dimensional numerical
abstractions, including: the well-known abstract domain of multi-dimensional,
integer-valued intervals [21]; 1-dimensional congruence equations like x =
(mod 2); modulo intervals [37, 38]; and circular linear progressions [40]. For
full generality, for each $i \in \{1, \ldots, n\}$, let $(\mathbb{A}(i), \subseteq)$, with $\emptyset \in \mathbb{A}(i) \subseteq \wp(\mathbb{R})$, be
a bounded join-semilattice where the binary join operator is denoted by '$\oplus_i$'.
$(\mathbb{A}(i), \subseteq)$ is thus an abstract domain suitable for approximating $\wp(\mathbb{R})$. Then,
the trivial combination of the $n$ domains $\mathbb{A}(i)$ by means of Cartesian product,
$\mathbb{A}_n := \mathbb{A}(1) \times \cdots \times \mathbb{A}(n)$, is an abstract domain suitable for approximating
$\wp(\mathbb{R}^n)$. Theorem 4.1 immediately generalizes to any domain $\mathbb{A}_n$ so obtained.

An algorithm for the exact join detection on $\mathbb{A}_n$ based on Theorem 4.1 will
compute, in the worst case, a linear number of 1-dimensional joins (applying
the '$\oplus_i$' operators) and a linear number of 1-dimensional inclusion tests. Since
these 1-dimensional operations take constant time, the worst-case complexity
bound for n-dimensional boxes is $O(n)$.
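The linear-time check of Theorem 4.1 can be written down directly. The following is an added example, not code from the paper or from the Parma Polyhedra Library; the `Interval` representation, the helper names and the sample boxes (taken from Example 4.2) are assumptions made for illustration.

```python
from collections import namedtuple
from math import inf

# One possibly unbounded, possibly open interval; an infinite bound is never closed.
Interval = namedtuple("Interval", "lo lo_closed hi hi_closed")

def closed(lo, hi):
    """Closed interval [lo, hi]; use -inf / inf for a missing bound."""
    return Interval(lo, lo != -inf, hi, hi != inf)

def is_empty(a):
    return a.lo > a.hi or (a.lo == a.hi and not (a.lo_closed and a.hi_closed))

def is_subset(a, b):
    """a ⊆ b for non-empty intervals a and b."""
    lower_ok = b.lo < a.lo or (b.lo == a.lo and (b.lo_closed or not a.lo_closed))
    upper_ok = a.hi < b.hi or (a.hi == b.hi and (b.hi_closed or not a.hi_closed))
    return lower_ok and upper_ok

def gap_between(a, b):
    """True if non-empty a lies below non-empty b and some value separates them."""
    return a.hi < b.lo or (a.hi == b.lo and not a.hi_closed and not b.lo_closed)

def join_1d_is_union(a, b):
    """The 1-dimensional join (interval hull) equals the union iff no gap is left."""
    return not (gap_between(a, b) or gap_between(b, a))

def inexact_join_reason(box1, box2):
    """Return None if the box join equals the union, otherwise the condition of
    Theorem 4.1 that holds: (1, i) or (2, i, j), with dimensions numbered from 1."""
    if any(map(is_empty, box1)) or any(map(is_empty, box2)):
        return None                      # the join with the empty box is exact
    pairs = list(enumerate(zip(box1, box2), start=1))
    # Condition (1): some 1-dimensional join differs from the 1-dimensional union.
    for i, (a, b) in pairs:
        if not join_1d_is_union(a, b):
            return (1, i)
    # Condition (2): box1 sticks out of box2 in dimension i, box2 out of box1 in j != i.
    out12 = [i for i, (a, b) in pairs if not is_subset(a, b)]
    out21 = [j for j, (a, b) in pairs if not is_subset(b, a)]
    for i in out12[:2]:                  # two candidates per side are enough
        for j in out21[:2]:
            if i != j:
                return (2, i, j)
    return None

# Constructed sample input: the three closed boxes of Example 4.2.
B1 = [closed(0, 1), closed(0, 2)]
B2 = [closed(3, 4), closed(0, 2)]
B3 = [closed(0, 4), closed(1, 2)]
# Constructed half-open neighbours: [0,1) x [0,2] next to [1,3] x [0,2].
LEFT = [Interval(0, True, 1, False), closed(0, 2)]
RIGHT = [closed(1, 3), closed(0, 2)]

if __name__ == "__main__":
    print(inexact_join_reason(B1, B2), inexact_join_reason(B1, B3),
          inexact_join_reason(LEFT, RIGHT))
```

Each dimension is visited a constant number of times, so the check is linear in $n$ as stated above.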

5. Exact Join Detection for Bounded Difference Shapes 

A (rational) bounded difference is a non-strict inequality constraint having
one of the forms $\pm x_i \le b$ or $x_i - x_j \le b$, where $i, j \in \{1, \ldots, n\}$, $i \neq j$ and $b \in \mathbb{Q}$.
A finite system of bounded differences defines a bounded difference shape (BD
shape); the set of all BD shapes in the n-dimensional vector space is denoted
$\mathbb{BD}_n$ and it is a meet-sublattice of $\mathbb{CP}_n$. In this section we specialize the result on
topologically closed polyhedra to the case of BD shapes, which can be efficiently
represented and manipulated as weighted graphs.

5.1. BD Shapes and their Graph Representation 

We first introduce some notation and terminology (see also [1, 0, [s^, [sH] ) • 
Let $\mathbb{Q}_\infty := \mathbb{Q} \cup \{+\infty\}$ be totally ordered by the extension of '<' such that
$d < +\infty$ for each $d \in \mathbb{Q}$. Let $\mathcal{N}$ be a finite set of nodes. A weighted directed
graph (graph, for short) $G$ in $\mathcal{N}$ is a pair $(\mathcal{N}, w)$, where $w \colon \mathcal{N} \times \mathcal{N} \to \mathbb{Q}_\infty$ is the
weight function for $G$. A pair $(n_i, n_j) \in \mathcal{N} \times \mathcal{N}$ is an arc of $G$ if $w(n_i, n_j) < +\infty$;
the arc is proper if $n_i \neq n_j$. A path $\theta = n_0 \cdots n_p$ in a graph $G = (\mathcal{N}, w)$ is a
non-empty and finite sequence of nodes such that, for all $i \in \{1, \ldots, p\}$, $(n_{i-1}, n_i)$ is
an arc of $G$; each arc $(n_{i-1}, n_i)$ is said to be in the path $\theta$. If $\theta_1 = n_0 \cdots n_h$ and
$\theta_2 = n_h \cdots n_p$ are paths in $G$, where $0 \le h \le p$, then the path concatenation
$\theta = n_0 \cdots n_h \cdots n_p$ of $\theta_1$ and $\theta_2$ is denoted by $\theta_1 :: \theta_2$; if $\theta_1 = n_0 n_1$ (so that
$h = 1$), then $\theta_1 :: \theta_2$ will also be denoted by $n_0 \cdot \theta_2$. Note that path concatenation
is not the same as sequence concatenation. The path $\theta$ is simple if each node
occurs at most once in $\theta$; it is proper if all the arcs in it are proper; it is a proper
cycle if it is a proper path and $n_0 = n_p$ (so that $p \ge 2$). The path $\theta$ has weight
$w(\theta) := \sum_{i=1}^{p} w(n_{i-1}, n_i)$. A graph is consistent if it has no negative weight
cycles. The set $\mathbb{G}$ of consistent graphs in $\mathcal{N}$ is partially ordered by the relation
'$\trianglelefteq$' defined, for all $G_1 = (\mathcal{N}, w_1)$ and $G_2 = (\mathcal{N}, w_2)$, by

$$G_1 \trianglelefteq G_2 \iff \forall i, j \in \mathcal{N} : w_1(i, j) \le w_2(i, j).$$

When augmented with a bottom element $\bot$ representing inconsistency, this
partially ordered set becomes a (non-complete) lattice $\mathbb{G}_\bot = \langle \mathbb{G} \cup \{\bot\}, \trianglelefteq, \sqcap, \sqcup \rangle$,
where '$\sqcap$' and '$\sqcup$' denote the (finitary) greatest lower bound and least upper
bound operators, respectively.



Footnote: This construction is called a direct product in the field of abstract interpretation. The
resulting domain is said to be attribute-independent, in the sense that relational information
is not captured. In other words, the constraints on space dimension $i$ are unrelated to those
on space dimension $j$ whenever $i \neq j$.

Definition 5.1. (Graph closure/reduction.) A consistent graph $G = (\mathcal{N}, w)$
is (shortest-path) closed if the following properties hold:

$$\forall i \in \mathcal{N} : w(i, i) = 0; \tag{3}$$
$$\forall i, j, k \in \mathcal{N} : w(i, j) \le w(i, k) + w(k, j). \tag{4}$$

The closure of a consistent graph $G$ in $\mathcal{N}$ is

$$\operatorname{closure}(G) := \bigsqcup \{\, G' \in \mathbb{G} \mid G' \trianglelefteq G \text{ and } G' \text{ is closed} \,\}.$$

A consistent graph $R$ in $\mathcal{N}$ is (shortest-path) reduced if, for each graph $G \neq R$
such that $R \trianglelefteq G$, $\operatorname{closure}(R) \neq \operatorname{closure}(G)$. A reduction for the consistent graph
$G$ is any reduced graph $R$ such that $\operatorname{closure}(R) = \operatorname{closure}(G)$.

Note that a reduction $R$ for a closed graph $G$ is a subgraph of $G$, meaning that
all the arcs in $R$ are also arcs in $G$ and have the same finite weight.

Any system of bounded differences in $n$ dimensions defining a non-empty
element $\mathit{bd} \in \mathbb{BD}_n$ can be represented by a consistent graph $G = (\mathcal{N}, w)$ where
$\mathcal{N} = \{0, \ldots, n\}$ is the set of graph nodes; each node $i > 0$ corresponds to the
space dimension $x_i$ of the vector space, while (the special node) $0$ represents a
further space dimension whose value is fixed to zero. Each arc $(i, j)$ of $G$ denotes
the bounded difference $x_i - x_j \le w(i, j)$ if $i, j > 0$, $x_i \le w(i, 0)$ if $j = 0$ and
$-x_j \le w(0, j)$ if $i = 0$. Conversely, it can be seen that, by inverting the above
mapping, each consistent graph $G = (\mathcal{N}, w)$ where $\mathcal{N} = \{0, \ldots, n\}$ represents
a non-empty element $\mathit{bd} \in \mathbb{BD}_n$. Graph closure provides a normal form for
non-empty BD shapes. Informally, a closed (resp., reduced) graph encodes a
system of bounded difference constraints which is closed by entailment (resp.,
contains no redundant constraint).

If the non-empty BD shapes $\mathit{bd}_1, \mathit{bd}_2 \in \mathbb{BD}_n$ are represented by closed graphs
$G_1 = (\mathcal{N}, w_1)$ and $G_2 = (\mathcal{N}, w_2)$, respectively, then the BD shape join $\mathit{bd}_1 \uplus \mathit{bd}_2$
is represented by the graph least upper bound $G_1 \sqcup G_2 = (\mathcal{N}, w)$, where
$w(i, j) := \max\bigl(w_1(i, j), w_2(i, j)\bigr)$ for each $i, j \in \mathcal{N}$; $G_1 \sqcup G_2$ is also closed. Observe too
that the set intersection $\mathit{bd}_1 \cap \mathit{bd}_2$ is represented by the graph greatest lower
bound $G_1 \sqcap G_2$.

5.2. Exact Join Detection for Rational BD Shapes

The following result can be used as the specification of an exact join decision
procedure specialized for rational BD shapes.

Theorem 5.2. For each $h \in \{1, 2\}$, let $\mathit{bd}_h \in \mathbb{BD}_n$ be a non-empty BD shape
represented by the closed graph $G_h = (\mathcal{N}, w_h)$ and let $R_h$ be a subgraph of $G_h$
such that $\operatorname{closure}(R_h) = G_h$. Let also $G_1 \sqcup G_2 = (\mathcal{N}, w)$. Then $\mathit{bd}_1 \uplus \mathit{bd}_2 \neq
\mathit{bd}_1 \cup \mathit{bd}_2$ if and only if there exist arcs $(i, j)$ of $R_1$ and $(k, \ell)$ of $R_2$ such that

(1) $w_1(i, j) < w_2(i, j)$ and $w_2(k, \ell) < w_1(k, \ell)$; and

(2) $w_1(i, j) + w_2(k, \ell) < w(i, \ell) + w(k, j)$.
Proof. Suppose that $\mathit{bd}_1 \uplus \mathit{bd}_2 \neq \mathit{bd}_1 \cup \mathit{bd}_2$, so that there exists $p \in \mathit{bd}_1 \uplus \mathit{bd}_2$
such that $p \notin \mathit{bd}_1$ and $p \notin \mathit{bd}_2$. Hence, there exist $i, j, k, \ell \in \mathcal{N}$ such that $(i, j)$
is an arc of $R_1$ satisfying $\pi_i(p) - \pi_j(p) > w_1(i, j)$ and $(k, \ell)$ is an arc of $R_2$
satisfying $\pi_k(p) - \pi_\ell(p) > w_2(k, \ell)$. However, as $p \in \mathit{bd}_1 \uplus \mathit{bd}_2$, $\pi_i(p) - \pi_j(p) \le
w(i, j)$ and $\pi_k(p) - \pi_\ell(p) \le w(k, \ell)$ so that, by definition of $G_1 \sqcup G_2$, we have
$w_1(i, j) < w_2(i, j)$ and $w_2(k, \ell) < w_1(k, \ell)$; hence condition (1) holds. Since
$p \in \mathit{bd}_1 \uplus \mathit{bd}_2$,

$$\begin{aligned}
w(i, \ell) + w(k, j) &\ge \pi_i(p) - \pi_\ell(p) + \pi_k(p) - \pi_j(p) \\
&= \pi_i(p) - \pi_j(p) + \pi_k(p) - \pi_\ell(p) \\
&> w_1(i, j) + w_2(k, \ell).
\end{aligned}$$

Therefore, condition (2) also holds.

Footnote: We extend notation by letting $\pi_0(v) := 0$, for each vector $v = (v_1, \ldots, v_n)$

We now suppose that there exist arcs $(i, j)$ of $R_1$ and $(k, \ell)$ of $R_2$ such that
conditions (1) and (2) hold. As $G_1$ and $G_2$ are closed, $w_1(i, i) = w_2(i, i) = 0$
and $w_1(k, k) = w_2(k, k) = 0$ so that condition (1) implies $i \neq j$ and $k \neq \ell$. As
$G_1 \sqcup G_2$ is closed, $w(i, i) = w(k, k) = 0$ so that, if $i = \ell$ and $j = k$ both hold,
condition (2) implies $w_1(i, j) + w_2(j, i) < 0$; hence, the graph greatest lower
bound $G_1 \sqcap G_2$ contains the negative weight proper cycle $i \cdot j \cdot i$ and thus is
inconsistent; hence $\mathit{bd}_1 \cap \mathit{bd}_2 = \emptyset$; and hence $\mathit{bd}_1 \uplus \mathit{bd}_2 \neq \mathit{bd}_1 \cup \mathit{bd}_2$. Therefore,
in the following we assume that $i \neq \ell$ or $j \neq k$ hold. If the right hand sides of the
inequalities in conditions (1) and (2) are all unbounded, let $\epsilon := 1$; otherwise let

Then, by conditions (1) and (2), $\epsilon > 0$. Consider the graph $G' = (\mathcal{N}, w')$ where,
for each $r, s \in \mathcal{N}$,

$$w'(r, s) := \begin{cases}
-w_1(i, j) - \epsilon, & \text{if } (r, s) = (j, i); \\
-w_2(k, \ell) - \epsilon, & \text{if } (r, s) = (\ell, k); \\
w(r, s), & \text{otherwise.}
\end{cases}$$

We show that $G'$ is a consistent graph; to this end, since $G := G_1 \sqcup G_2$ is known
to be consistent, it is sufficient to consider the proper cycles of $G'$ that contain
arcs $(j, i)$ or $(\ell, k)$. Let $\theta_{ij} = i \cdots j$ and $\theta_{k\ell} = k \cdots \ell$ be arbitrary simple paths
from $i$ to $j$ and from $k$ to $\ell$, respectively. Then $G'$ is consistent if and only if
$w'(\theta_{ij} \cdot i) \ge 0$ and $w'(\theta_{k\ell} \cdot k) \ge 0$. We only prove $w'(\theta_{ij} \cdot i) \ge 0$ since the proof
that $w'(\theta_{k\ell} \cdot k) \ge 0$ follows by a symmetrical argument. As $\theta_{ij}$ is simple, it does
not contain the arc $(j, i)$. Suppose first that $\theta_{ij}$ does not contain the arc $(\ell, k)$.
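Then

$$\begin{aligned}
w'(\theta_{ij} \cdot i) &= w'(\theta_{ij}) + w'(j, i) \\
&= w(\theta_{ij}) - w_1(i, j) - \epsilon && \text{[def. of } w'\text{]} \\
&\ge w(i, j) - w_1(i, j) - \epsilon && \text{[}G\text{ closed]} \\
&\ge 0 && \text{[def. of } \epsilon\text{]}.
\end{aligned}$$

Suppose now that $\theta_{ij} = \theta_{i\ell} :: (\ell, k) :: \theta_{kj}$, where $\theta_{i\ell} = i \cdots \ell$ and $\theta_{kj} = k \cdots j$ do
not contain the arcs $(j, i)$ and $(\ell, k)$. Then

$$\begin{aligned}
w'(\theta_{ij} \cdot i) &= w'(\theta_{i\ell}) + w'(\ell, k) + w'(\theta_{kj}) + w'(j, i) \\
&= w(\theta_{i\ell}) - w_2(k, \ell) - \epsilon + w(\theta_{kj}) - w_1(i, j) - \epsilon && \text{[def. of } w'\text{]} \\
&\ge w(i, \ell) - w_2(k, \ell) - \epsilon + w(k, j) - w_1(i, j) - \epsilon && \text{[}G\text{ closed]} \\
&= \bigl(w(i, \ell) + w(k, j) - w_1(i, j) - w_2(k, \ell)\bigr) - 2\epsilon \\
&\ge 0 && \text{[def. of } \epsilon\text{]}.
\end{aligned}$$

Therefore $G'$ is consistent. Moreover, $G' \trianglelefteq G$ since

$$\begin{aligned}
w'(j, i) &= -w_1(i, j) - \epsilon && \text{[def. of } w'\text{]} \\
&< -w_1(i, j) && [\epsilon > 0] \\
&\le w_1(j, i) && \text{[}G_1\text{ consistent]} \\
&\le w(j, i) && \text{[def. } G\text{]};
\end{aligned}$$

similarly, $w'(\ell, k) < w(\ell, k)$; hence, for all $r, s \in \mathcal{N}$, $w'(r, s) \le w(r, s)$.

Let $\mathit{bd}' \in \mathbb{BD}_n$ be represented by $G'$, so that $\emptyset \neq \mathit{bd}' \subseteq \mathit{bd}_1 \uplus \mathit{bd}_2$. Since
$w'(j, i) + w_1(i, j) < 0$, we obtain $\mathit{bd}' \cap \mathit{bd}_1 = \emptyset$; since $w'(\ell, k) + w_2(k, \ell) < 0$,
we obtain $\mathit{bd}' \cap \mathit{bd}_2 = \emptyset$. Hence, $\mathit{bd}_1 \uplus \mathit{bd}_2 \neq \mathit{bd}_1 \cup \mathit{bd}_2$. □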



An algorithm for the exact join detection on $\mathbb{BD}_n$ based on Theorem 5.2 will
have a worst-case complexity bound in $O(n^4)$. Noting that the computation of
graph closure and reduction are both in $O(n^3)$ [1, B H^], a more detailed
complexity bound is $O(n^3 + r_1 r_2)$, where $r_h$ is the number of arcs in the subgraph
$R_h$; hence, a good choice is to take each $R_h$ to be a graph reduction for $G_h$, as
it will have a minimal number of arcs.

Example 5.3. Consider the 2-dimensional BD shapes 

$$\mathit{bd}_1 = \operatorname{con}(\{0 \le x_1 \le 3,\ 0 \le x_2 \le 2\}),$$
$$\mathit{bd}_2 = \operatorname{con}(\{0 \le x_2 \le 2,\ 0 \le x_1 - x_2 \le 3\})$$

shown in Figure 4(a). Then the join $\mathit{bd}_1 \uplus \mathit{bd}_2$ is exact. Note that both
conditions (1) and (2) in Theorem 5.2 play an active role in the decision procedure.
For instance, when taking $i = 1$, $j = 0$, $k = 2$ and $\ell = 1$, condition (1) is
satisfied but condition (2) does not hold:

$$w_1(1, 0) = 3 < 5 = w_2(1, 0), \qquad w_2(2, 1) = 0 < 2 = w_1(2, 1),$$
$$w_1(1, 0) + w_2(2, 1) = 3 + 0 \ge 0 + 2 = w(1, 1) + w(2, 0).$$

On the other hand, taking $i = 1$, $j = 1$, $k = 0$ and $\ell = 2$, it can be seen that
condition (2) is satisfied but condition (1) does not hold:

$$w_1(1, 1) = 0 = w_2(1, 1), \qquad w_2(0, 2) = 0 = w_1(0, 2),$$
$$w_1(1, 1) + w_2(0, 2) = 0 + 0 < 3 + 0 = w(1, 2) + w(0, 1).$$

5.3. Exact Join Detection for Integer BD Shapes

We now consider the case of integer BD shapes, i.e., subsets of $\mathbb{Z}^n$ that
are delimited by BD constraints where the bounds are all integral. As for
the rational case, these numerical abstractions can be encoded using weighted
graphs, but restricting the codomain of the weight function to $\mathbb{Z}_\infty := \mathbb{Z} \cup \{+\infty\}$.
Since the set of all integer graphs is a sub-lattice of the set of rational graphs,
the conditions in Theorem 5.2 can be easily strengthened so as to obtain the
corresponding result for the domain $\mathbb{BD}^{\mathbb{Z}}_n$ of integer BD shapes. The complexity
bound for the algorithm for the domain of integer BD shapes is the same as for
the rational domain.

Theorem 5.4. For each $h \in \{1, 2\}$, let $\mathit{bd}_h \in \mathbb{BD}^{\mathbb{Z}}_n$ be a non-empty integer BD
shape represented by the closed integer graph $G_h = (\mathcal{N}, w_h)$ and let $R_h$ be a
subgraph of $G_h$ such that $\operatorname{closure}(R_h) = G_h$. Let also $G_1 \sqcup G_2 = (\mathcal{N}, w)$. Then
$\mathit{bd}_1 \uplus \mathit{bd}_2 \neq \mathit{bd}_1 \cup \mathit{bd}_2$ if and only if there exist arcs $(i, j)$ of $R_1$ and $(k, \ell)$ of
$R_2$ such that

(1) $w_1(i, j) < w_2(i, j)$ and $w_2(k, \ell) < w_1(k, \ell)$; and

(2) $w_1(i, j) + w_2(k, \ell) + 2 \le w(i, \ell) + w(k, j)$.

Proof. Suppose first that $\mathit{bd}_1 \uplus \mathit{bd}_2 \neq \mathit{bd}_1 \cup \mathit{bd}_2$, so that there exists $p \in \mathbb{Z}^n$
such that $p \in \mathit{bd}_1 \uplus \mathit{bd}_2$ but $p \notin \mathit{bd}_1$ and $p \notin \mathit{bd}_2$. Hence, there exist $i, j, k, \ell \in
\mathcal{N}$ such that $(i, j)$ is an arc of $R_1$ satisfying $\pi_i(p) - \pi_j(p) > w_1(i, j)$ and $(k, \ell)$
is an arc of $R_2$ satisfying $\pi_k(p) - \pi_\ell(p) > w_2(k, \ell)$. However, as $p \in \mathit{bd}_1 \uplus \mathit{bd}_2$,
$\pi_i(p) - \pi_j(p) \le w(i, j)$ and $\pi_k(p) - \pi_\ell(p) \le w(k, \ell)$ so that, by definition of
$G_1 \sqcup G_2$, we have $w_1(i, j) < w_2(i, j)$ and $w_2(k, \ell) < w_1(k, \ell)$; hence condition
(1) holds. Note also that $w_1(i, j)$ and $w_2(k, \ell)$ are both finite and hence in $\mathbb{Z}$ so
that $w_1(i, j) + 1 \le w_2(i, j)$ and $w_2(k, \ell) + 1 \le w_1(k, \ell)$. Since $p \in \mathit{bd}_1 \uplus \mathit{bd}_2$,

$$\begin{aligned}
w(i, \ell) + w(k, j) &\ge \pi_i(p) - \pi_\ell(p) + \pi_k(p) - \pi_j(p) \\
&= \pi_i(p) - \pi_j(p) + \pi_k(p) - \pi_\ell(p) \\
&\ge w_1(i, j) + w_2(k, \ell) + 2.
\end{aligned}$$

Therefore, condition (2) also holds.

We now suppose that there exist arcs $(i, j)$ of $R_1$ and $(k, \ell)$ of $R_2$ such that
conditions (1) and (2) hold. Let $G' = (\mathcal{N}, w')$ be a graph defined as in the proof
of Theorem 5.2 where however we just define $\epsilon := 1$, so that $G'$ is an integer
graph. By using the same reasoning as in the proof of Theorem 5.2, it can be
seen that $G'$ is consistent and $G' \trianglelefteq G_1 \sqcup G_2$. Let $\mathit{bd}' \in \mathbb{BD}^{\mathbb{Z}}_n$ be represented
by $G'$, so that $\emptyset \neq \mathit{bd}' \subseteq \mathit{bd}_1 \uplus \mathit{bd}_2$. Since $w'(j, i) + w_1(i, j) < 0$, we obtain
$\mathit{bd}' \cap \mathit{bd}_1 = \emptyset$; since $w'(\ell, k) + w_2(k, \ell) < 0$, we obtain $\mathit{bd}' \cap \mathit{bd}_2 = \emptyset$. Hence,
$\mathit{bd}_1 \uplus \mathit{bd}_2 \neq \mathit{bd}_1 \cup \mathit{bd}_2$. □

Figure 4: Examples for the join of rational and integer BD shapes. Panels: (a) $\mathit{bd}_1, \mathit{bd}_2 \in \mathbb{BD}_2$; (b) $\mathit{bd}_3, \mathit{bd}_4 \in \mathbb{BD}_2$.

Example 5.5. Consider the 2-dimensional BD shapes 

$$\mathit{bd}_3 = \operatorname{con}(\{0 \le x_1 \le 3,\ 0 \le x_2 \le 2,\ x_1 - x_2 \le 2\}),$$
$$\mathit{bd}_4 = \operatorname{con}(\{3 \le x_1 \le 6,\ 0 \le x_2 \le 2\})$$

shown in Figure 4(b). Then, in the case of rational BD shapes, the join $\mathit{bd}_3 \uplus \mathit{bd}_4$
is not exact; for instance, letting $p = (2.5, 0)^{\mathrm{T}}$ be the point highlighted in
Figure 4(b), we have $p \in \mathit{bd}_3 \uplus \mathit{bd}_4$ although $p \notin \mathit{bd}_3 \cup \mathit{bd}_4$. Taking $i = 1$,
$j = 2$, $k = 0$ and $\ell = 1$, it can be seen that both conditions in Theorem 5.2 are
satisfied; in particular, for the second condition we have

$$w_1(1, 2) + w_2(0, 1) = 2 - 3 < 0 + 0 = w(1, 1) + w(0, 2).$$

By contrast, in the case of integer BD shapes, the join is exact; all the integral
points belonging to the join $\mathit{bd}_3 \uplus \mathit{bd}_4$, denoted by small crosses in Figure 4(b),
also belong to the union $\mathit{bd}_3 \cup \mathit{bd}_4$. In particular, with the above choice for
indices $i, j, k, \ell$, the second condition of Theorem 5.4 does not hold:

$$w_1(1, 2) + w_2(0, 1) + 2 = 2 - 3 + 2 > 0 + 0 = w(1, 1) + w(0, 2).$$
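The decision procedures specified by Theorems 5.2 and 5.4 can be run on Examples 5.3 and 5.5. The following is an added example, not code from the paper or from the Parma Polyhedra Library; the triple encoding of constraints and the function names are assumptions, and each $R_h$ is simply taken to be the closed graph $G_h$ itself (which the theorems allow), giving the $O(n^4)$ bound rather than the refined one.

```python
from fractions import Fraction
from itertools import product
from math import inf

def closed_graph(n, constraints):
    """Shortest-path closure of a BD constraint system over x_1..x_n.

    Each triple (i, j, b) encodes x_i - x_j <= b, where node 0 stands for the
    extra dimension fixed to zero, so (i, 0, b) is x_i <= b and (0, j, b) is
    -x_j <= b. Returns the closed weight matrix, or None if inconsistent."""
    nodes = range(n + 1)
    w = [[0 if r == s else inf for s in nodes] for r in nodes]
    for i, j, b in constraints:
        w[i][j] = min(w[i][j], Fraction(b))
    for k, i, j in product(nodes, repeat=3):      # Floyd-Warshall, k outermost
        if w[i][k] + w[k][j] < w[i][j]:
            w[i][j] = w[i][k] + w[k][j]
    # A negative diagonal entry reveals a negative weight cycle (empty shape).
    return None if any(w[r][r] < 0 for r in nodes) else w

def inexact_witness(n, cons1, cons2, integer=False):
    """Return arcs (i, j, k, l) for which conditions (1) and (2) hold, or None
    if the join is exact. integer=True uses condition (2) of Theorem 5.4 and
    assumes all bounds are integral."""
    g1, g2 = closed_graph(n, cons1), closed_graph(n, cons2)
    if g1 is None or g2 is None:
        return None                  # the join with an empty shape is the other shape
    nodes = range(n + 1)
    w = [[max(g1[r][s], g2[r][s]) for s in nodes] for r in nodes]   # G1 ⊔ G2
    # Condition (1): arcs where G1 is strictly tighter than G2, and vice versa.
    arcs1 = [(i, j) for i, j in product(nodes, repeat=2) if g1[i][j] < g2[i][j]]
    arcs2 = [(k, l) for k, l in product(nodes, repeat=2) if g2[k][l] < g1[k][l]]
    for (i, j), (k, l) in product(arcs1, arcs2):
        lhs, rhs = g1[i][j] + g2[k][l], w[i][l] + w[k][j]
        # Condition (2): strict in the rational case, '+ 2 <=' in the integer case.
        if (lhs + 2 <= rhs) if integer else (lhs < rhs):
            return (i, j, k, l)
    return None

# Constructed sample input: the constraint systems of Examples 5.3 and 5.5.
BD1 = [(1, 0, 3), (0, 1, 0), (2, 0, 2), (0, 2, 0)]
BD2 = [(2, 0, 2), (0, 2, 0), (1, 2, 3), (2, 1, 0)]
BD3 = [(1, 0, 3), (0, 1, 0), (2, 0, 2), (0, 2, 0), (1, 2, 2)]
BD4 = [(1, 0, 6), (0, 1, -3), (2, 0, 2), (0, 2, 0)]

if __name__ == "__main__":
    print(inexact_witness(2, BD1, BD2))                 # Example 5.3
    print(inexact_witness(2, BD3, BD4))                 # Example 5.5, rational
    print(inexact_witness(2, BD3, BD4, integer=True))   # Example 5.5, integer
```

The witness returned for the rational reading of Example 5.5 is the same choice of indices $i, j, k, \ell$ that the example uses.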

5.4. Generalizing to k BD shapes

We conjecture that the above results for the exact join detection of two
(rational or integer) BD shapes can be generalized to any number of component
BD shapes. That is, given $k$ BD shapes $\mathit{bd}_1, \ldots, \mathit{bd}_k \in \mathbb{BD}_n$, it is possible to
provide a suitable set of conditions that determine whether or not $\mathit{bd}_1 \uplus \cdots \uplus
\mathit{bd}_k = \mathit{bd}_1 \cup \cdots \cup \mathit{bd}_k$. Here we just present the conjecture, for the rational case,
when $k = 3$.

Conjecture 5.6. For each $h \in \{1, 2, 3\}$, let $\mathit{bd}_h \in \mathbb{BD}_n$ be a non-empty BD
shape represented by the closed graph $G_h = (\mathcal{N}, w_h)$ and let $R_h$ be a subgraph
of $G_h$ such that $\operatorname{closure}(R_h) = G_h$. Let also $G_1 \sqcup G_2 \sqcup G_3 = (\mathcal{N}, w)$. Then
$\mathit{bd}_1 \uplus \mathit{bd}_2 \uplus \mathit{bd}_3 \neq \mathit{bd}_1 \cup \mathit{bd}_2 \cup \mathit{bd}_3$ if and only if there exist arcs $(i_1, j_1)$ of $R_1$,
$(i_2, j_2)$ of $R_2$ and $(i_3, j_3)$ of $R_3$, respectively, such that

(1) for each $h \in \{1, 2, 3\}$, $w_h(i_h, j_h) < w(i_h, j_h)$;

(2a) $w_1(i_1, j_1) + w_2(i_2, j_2) < w(i_1, j_2) + w(i_2, j_1)$;

(2b) $w_2(i_2, j_2) + w_3(i_3, j_3) < w(i_2, j_3) + w(i_3, j_2)$;

(2c) $w_3(i_3, j_3) + w_1(i_1, j_1) < w(i_3, j_1) + w(i_1, j_3)$;

(3a) $w_1(i_1, j_1) + w_2(i_2, j_2) + w_3(i_3, j_3) < w(i_1, j_2) + w(i_2, j_3) + w(i_3, j_1)$;

(3b) $w_1(i_1, j_1) + w_2(i_2, j_2) + w_3(i_3, j_3) < w(i_1, j_3) + w(i_2, j_1) + w(i_3, j_2)$.

Even though the generalization is straightforward from a mathematical point
of view, for larger values of $k$ this will result in having to check a rather involved
combinatorial combination of all the conditions.

6. Exact Join Detection for Octagonal Shapes 

Octagonal constraints generalize BD constraints by also allowing for
non-strict inequalities having the form $x_i + x_j \le b$ or $-x_i - x_j \le b$. This class of
constraints was first proposed in [10] and further elaborated in [34].

6.1. Octagonal Shapes and their Graph Representation

We first introduce the required notation and terminology (see also @, 0, [s^).

Octagonal constraints can be encoded using BD constraints by splitting each
variable $x_i$ into two forms: a positive form $x_i^+$, interpreted as $+x_i$; and a negative
form $x_i^-$, interpreted as $-x_i$. For instance, an octagonal constraint such as $x_i +
x_j \le b$ can be translated into the potential constraint $x_i^+ - x_j^- \le b$; alternatively,
the same octagonal constraint can be translated into $x_j^+ - x_i^- \le b$. Unary
(octagonal) constraints such as $x_i \le b$ and $-x_i \le b$ are encoded as $x_i^+ - x_i^- \le 2b$
and $x_i^- - x_i^+ \le -2b$, respectively.

From now on, we assume that the set of nodes is $\mathcal{N} := \{0, \ldots, 2n - 1\}$. These
will denote the positive and negative forms of the vector space dimensions $x_1$,
$\ldots$, $x_n$: for all $i \in \mathcal{N}$, if $i = 2k$, then $i$ represents the positive form $x_{k+1}^+$ and,
if $i = 2k + 1$, then $i$ represents the negative form $x_{k+1}^-$ of the dimension $x_{k+1}$.
To simplify the presentation, we let $\bar{\imath}$ denote $i + 1$, if $i$ is even, and $i - 1$, if $i$ is
odd, so that, for all $i \in \mathcal{N}$, we also have $\bar{\imath} \in \mathcal{N}$ and $\bar{\bar{\imath}} = i$.

It follows from the above translations that any finite system of octagonal
constraints, translated into a set of potential constraints in $\mathcal{N}$ as above, can
be encoded by a graph $G$ in $\mathcal{N}$. In particular, any finite satisfiable system of
octagonal constraints can be encoded by a consistent graph in $\mathcal{N}$. However,
the converse does not hold since in any valuation $\rho$ of an encoding of a set of
octagonal constraints we must also have $\rho(i) = -\rho(\bar{\imath})$, so that the arcs $(i, j)$
and $(\bar{\jmath}, \bar{\imath})$ should have the same weight. Therefore, to encode rational octagonal
constraints, we restrict attention to consistent graphs over $\mathcal{N}$ where the arcs in
all such pairs are coherent.
Definition 6.1. (Octagonal graph.) A (rational) octagonal graph is any
consistent graph $G = (\mathcal{N}, w)$ that satisfies the coherence assumption:

$$\forall i, j \in \mathcal{N} : w(i, j) = w(\bar{\jmath}, \bar{\imath}). \tag{5}$$

The set $\mathbb{O}$ of all octagonal graphs (with the usual addition of the bottom
element, representing an unsatisfiable system of constraints) is a sub-lattice of $\mathbb{G}_\bot$,
sharing the same least upper bound and greatest lower bound operators. Note
that, at the implementation level, coherence can be automatically and efficiently
enforced by letting arc $(i, j)$ and arc $(\bar{\jmath}, \bar{\imath})$ share the same representation.

The standard shortest-path closure algorithm is not enough to obtain a
canonical form for octagonal graphs.

Definition 6.2. (Graph strong closure/reduction.) An octagonal graph
$G = (\mathcal{N}, w)$ is strongly closed if it is closed and the following property holds:

$$\forall i, j \in \mathcal{N} : 2w(i, j) \le w(i, \bar{\imath}) + w(\bar{\jmath}, j). \tag{6}$$

The strong closure of an octagonal graph $G$ in $\mathcal{N}$ is

$$\operatorname{S-closure}(G) := \bigsqcup \{\, G' \in \mathbb{O} \mid G' \trianglelefteq G \text{ and } G' \text{ is strongly closed} \,\}.$$

An octagonal graph $R$ is strongly reduced if, for each octagonal graph $G \neq R$
such that $R \trianglelefteq G$, we have $\operatorname{S-closure}(R) \neq \operatorname{S-closure}(G)$. A strong reduction for
the octagonal graph $G$ is any strongly reduced octagonal graph $R$ such that
$\operatorname{S-closure}(R) = \operatorname{S-closure}(G)$.

Observe that, as was the case for shortest-path reduction, a strong reduction
for a strongly closed graph $G$ is a subgraph of $G$.

We denote by $\mathbb{OCT}_n$ the domain of octagonal shapes, whose non-empty
elements can be represented by octagonal graphs: $\mathbb{BD}_n$ is a meet-sublattice of
$\mathbb{OCT}_n$, which in turn is a meet-sublattice of $\mathbb{CP}_n$. A strongly closed (resp.,
strongly reduced) graph encodes a system of octagonal constraints which is
closed by entailment (resp., contains no redundant constraint).

6.2. Exact Join Detection for Rational Octagonal Shapes

An exact join decision procedure specialized for rational octagonal shapes
can be based on the following result.

Theorem 6.3. For each $h \in \{1, 2\}$, let $\mathit{oct}_h \in \mathbb{OCT}_n$ be a non-empty octagonal
shape represented by the strongly closed graph $G_h = (\mathcal{N}, w_h)$ and let $R_h$ be a
subgraph of $G_h$ such that $\operatorname{S-closure}(R_h) = G_h$. Let also $G_1 \sqcup G_2 = (\mathcal{N}, w)$. Then
$\mathit{oct}_1 \uplus \mathit{oct}_2 \neq \mathit{oct}_1 \cup \mathit{oct}_2$ if and only if there exist arcs $(i, j)$ of $R_1$ and $(k, \ell)$ of
$R_2$ such that

(1a) $w_1(i, j) < w_2(i, j)$;

(1b) $w_2(k, \ell) < w_1(k, \ell)$;

(2a) $w_1(i, j) + w_2(k, \ell) < w(i, \ell) + w(k, j)$;

(2b) $w_1(i, j) + w_2(k, \ell) < w(i, \bar{k}) + w(\bar{\jmath}, \ell)$;

(3a) $2w_1(i, j) + w_2(k, \ell) < w(i, \ell) + w(i, \bar{k}) + w(\bar{\jmath}, j)$;

(3b) $2w_1(i, j) + w_2(k, \ell) < w(k, j) + w(\bar{\jmath}, \ell) + w(i, \bar{\imath})$;

(4a) $w_1(i, j) + 2w_2(k, \ell) < w(i, \ell) + w(\bar{\jmath}, \ell) + w(k, \bar{k})$;

(4b) $w_1(i, j) + 2w_2(k, \ell) < w(k, j) + w(i, \bar{k}) + w(\bar{\ell}, \ell)$.

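Proof. For each $r \in \mathcal{N} = \{0, \ldots, 2n - 1\}$ and each $v = (v_1, \ldots, v_n)^{\mathrm{T}} \in \mathbb{R}^n$, we
denote by $\hat{\pi}_r(v)$ the projection of vector $v$ on the space dimension corresponding
to the octagonal graph node $r$, defined as:

Suppose that $\mathit{oct}_1 \uplus \mathit{oct}_2 \neq \mathit{oct}_1 \cup \mathit{oct}_2$, so that there exists $p \in \mathit{oct}_1 \uplus \mathit{oct}_2$
such that $p \notin \mathit{oct}_1$ and $p \notin \mathit{oct}_2$. Hence, there exist arcs $(i, j)$ and $(k, \ell)$ of $R_1$
and $R_2$, respectively, satisfying

$$w(i, j) \ge \hat{\pi}_i(p) - \hat{\pi}_j(p) > w_1(i, j),$$
$$w(k, \ell) \ge \hat{\pi}_k(p) - \hat{\pi}_\ell(p) > w_2(k, \ell);$$

hence conditions (1a) and (1b) hold;

$$\begin{aligned}
w(i, \ell) + w(k, j) &\ge \hat{\pi}_i(p) - \hat{\pi}_\ell(p) + \hat{\pi}_k(p) - \hat{\pi}_j(p) \\
&= \hat{\pi}_i(p) - \hat{\pi}_j(p) + \hat{\pi}_k(p) - \hat{\pi}_\ell(p) \\
&> w_1(i, j) + w_2(k, \ell)
\end{aligned}$$

so that condition (2a) holds and, by a symmetric argument, condition (2b)
holds;

$$\begin{aligned}
w(i, \ell) + w(i, \bar{k}) + w(\bar{\jmath}, j) &\ge \bigl(\hat{\pi}_i(p) - \hat{\pi}_\ell(p)\bigr) + \bigl(\hat{\pi}_i(p) + \hat{\pi}_k(p)\bigr) + \bigl(-2\hat{\pi}_j(p)\bigr) \\
&= 2\bigl(\hat{\pi}_i(p) - \hat{\pi}_j(p)\bigr) + \hat{\pi}_k(p) - \hat{\pi}_\ell(p) \\
&> 2w_1(i, j) + w_2(k, \ell)
\end{aligned}$$

so that condition (3a) holds; conditions (3b), (4a) and (4b) follow by symmetric
arguments.

We now suppose that, for some $i, j, k, \ell \in \mathcal{N}$, all conditions (1a)-(4b) hold.
Note that, by (1a) and (1b), $i \neq j$ and $k \neq \ell$. Suppose first that $(i, j) \in
\{(\ell, k), (\bar{k}, \bar{\ell})\}$; then, conditions (2a) and (2b) imply $w_1(i, j) + w_2(j, i) < 0$, so
that the graph greatest lower bound $G_1 \sqcap G_2$ is inconsistent, as it contains a
negative weight proper cycle; hence, $\mathit{oct}_1 \cap \mathit{oct}_2 = \emptyset$, which implies $\mathit{oct}_1 \uplus \mathit{oct}_2 \neq
\mathit{oct}_1 \cup \mathit{oct}_2$. Therefore, in the following we assume that $(i, j) \notin \{(\ell, k), (\bar{k}, \bar{\ell})\}$
holds.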

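If the right hand sides of the inequalities in conditions (1a)-(4b) are all
unbounded, let $\epsilon := 1$; otherwise let

$$\epsilon := \min \left\{ \begin{array}{l}
w_2(i, j) - w_1(i, j), \\
w_1(k, \ell) - w_2(k, \ell), \\
\tfrac{1}{2}\bigl(w(i, \ell) + w(k, j) - w_1(i, j) - w_2(k, \ell)\bigr), \\
\tfrac{1}{2}\bigl(w(i, \bar{k}) + w(\bar{\jmath}, \ell) - w_1(i, j) - w_2(k, \ell)\bigr), \\
\tfrac{1}{3}\bigl(w(i, \ell) + w(i, \bar{k}) + w(\bar{\jmath}, j) - 2w_1(i, j) - w_2(k, \ell)\bigr), \\
\tfrac{1}{3}\bigl(w(k, j) + w(\bar{\jmath}, \ell) + w(i, \bar{\imath}) - 2w_1(i, j) - w_2(k, \ell)\bigr), \\
\tfrac{1}{3}\bigl(w(i, \ell) + w(\bar{\jmath}, \ell) + w(k, \bar{k}) - w_1(i, j) - 2w_2(k, \ell)\bigr), \\
\tfrac{1}{3}\bigl(w(k, j) + w(i, \bar{k}) + w(\bar{\ell}, \ell) - w_1(i, j) - 2w_2(k, \ell)\bigr)
\end{array} \right\}.$$

Then, by conditions (1a)-(4b), $\epsilon > 0$. Consider the graph $G' = (\mathcal{N}, w')$ where,
for each $r, s \in \mathcal{N}$,

$$w'(r, s) := \begin{cases}
-w_1(i, j) - \epsilon, & \text{if } (r, s) \in \{(j, i), (\bar{\imath}, \bar{\jmath})\}; \\
-w_2(k, \ell) - \epsilon, & \text{if } (r, s) \in \{(\ell, k), (\bar{k}, \bar{\ell})\}; \\
w(r, s), & \text{otherwise.}
\end{cases}$$

Let $G := G_1 \sqcup G_2$; as $G$ is coherent, $G'$ is coherent too. We now show that
$G'$ is a consistent graph; to this end, since $G$ is known to be consistent, it is
sufficient to consider the proper cycles of $G'$ that contain arc $(j, i)$ or arc $(\ell, k)$.
Let $\theta_{ij} = i \cdots j$ and $\theta_{k\ell} = k \cdots \ell$ be any simple paths from $i$ to $j$ and from
$k$ to $\ell$, respectively. Then $G'$ is consistent if and only if $w'(\theta_{ij} \cdot i) \ge 0$ and
$w'(\theta_{k\ell} \cdot k) \ge 0$. We only prove $w'(\theta_{ij} \cdot i) \ge 0$ since the proof that $w'(\theta_{k\ell} \cdot k) \ge 0$
follows by a symmetrical argument. Since $\theta_{ij}$ is simple, it does not contain the
arc $(j, i)$. In the following we consider in detail five cases, again noting that all
the other cases can be proved by symmetrical arguments:

1. $\theta_{ij}$ contains none of the arcs $(\ell, k)$, $(\bar{k}, \bar{\ell})$ and $(\bar{\imath}, \bar{\jmath})$;

2. $\theta_{ij} = \theta_{i\bar{\imath}} :: (\bar{\imath}, \bar{\jmath}) :: \theta_{\bar{\jmath}j}$;

3. $\theta_{ij} = \theta_{i\ell} :: (\ell, k) :: \theta_{kj}$;

4. $\theta_{ij} = \theta_{i\ell} :: (\ell, k) :: \theta_{k\bar{k}} :: (\bar{k}, \bar{\ell}) :: \theta_{\bar{\ell}j}$;

5. $\theta_{ij} = \theta_{i\ell} :: (\ell, k) :: \theta_{k\bar{k}} :: (\bar{k}, \bar{\ell}) :: \theta_{\bar{\ell}\bar{\imath}} :: (\bar{\imath}, \bar{\jmath}) :: \theta_{\bar{\jmath}j}$;

where the simple paths $\theta_{i\bar{\imath}}$, $\theta_{i\ell}$, $\theta_{kj}$, $\theta_{k\bar{k}}$, $\theta_{\bar{\jmath}j}$, $\theta_{\bar{\ell}j}$ and $\theta_{\bar{\ell}\bar{\imath}}$ contain none of the arcs
$(\ell, k)$, $(\bar{k}, \bar{\ell})$ and $(\bar{\imath}, \bar{\jmath})$.

Footnote: Any cycle containing arc $(\bar{\imath}, \bar{\jmath})$ (resp., $(\bar{k}, \bar{\ell})$) can be transformed to the corresponding
coherent cycle containing arc $(j, i)$ (resp., $(\ell, k)$), having the same weight.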

• Case (1). 

w'iOij ■i) = w'{eij) + w'{j,i) 

= w(6ij) -wi{i,j) -e 

> w{i,j) -wi{i,j) - € 

> 



[def. of w'] 
[G closed] 
[def. of el. 



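Case (2).

$$
\begin{aligned}
w'(\theta_{ij} \cdot i)
  &= w'(\theta_{i\bar\imath}) + w'(\bar\imath,\bar\jmath) + w'(\theta_{\bar\jmath j}) + w'(j,i) \\
  &= w'(\theta_{i\bar\imath}) + w'(\theta_{\bar\jmath j}) + 2w'(j,i) && \text{[} G' \text{ coherent]} \\
  &= w(\theta_{i\bar\imath}) + w(\theta_{\bar\jmath j}) - 2w_1(i,j) - 2\epsilon && \text{[def. of } w'\text{]} \\
  &\geq w(i,\bar\imath) + w(\bar\jmath,j) - 2w_1(i,j) - 2\epsilon && \text{[} G \text{ closed]} \\
  &\geq 2w(i,j) - 2w_1(i,j) - 2\epsilon && \text{[} G \text{ strongly closed]} \\
  &= 2\bigl(w(i,j) - w_1(i,j)\bigr) - 2\epsilon \\
  &\geq 0 && \text{[def. of } \epsilon\text{].}
\end{aligned}
$$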

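Case (3).

$$
\begin{aligned}
w'(\theta_{ij} \cdot i)
  &= w'(\theta_{i\ell}) + w'(\ell,k) + w'(\theta_{kj}) + w'(j,i) \\
  &= w(\theta_{i\ell}) - w_2(k,\ell) - \epsilon + w(\theta_{kj}) - w_1(i,j) - \epsilon && \text{[def. of } w'\text{]} \\
  &\geq w(i,\ell) - w_2(k,\ell) - \epsilon + w(k,j) - w_1(i,j) - \epsilon && \text{[} G \text{ closed]} \\
  &= \bigl(w(i,\ell) + w(k,j) - w_1(i,j) - w_2(k,\ell)\bigr) - 2\epsilon \\
  &\geq 0 && \text{[def. of } \epsilon\text{].}
\end{aligned}
$$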

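Case (4).

$$
\begin{aligned}
w'(\theta_{ij} \cdot i)
  &= w'(\theta_{i\ell}) + w'(\ell,k) + w'(\theta_{k\bar{k}}) + w'(\bar{k},\bar\ell) + w'(\theta_{\bar\ell j}) + w'(j,i) \\
  &= w'(\theta_{i\ell}) + 2w'(\ell,k) + w'(\theta_{k\bar{k}}) + w'(\theta_{\bar\jmath\ell}) + w'(j,i) && \text{[} G' \text{ coherent]} \\
  &= w(\theta_{i\ell}) - 2w_2(k,\ell) - 2\epsilon + w(\theta_{k\bar{k}}) + w(\theta_{\bar\jmath\ell}) - w_1(i,j) - \epsilon && \text{[def. of } w'\text{]} \\
  &\geq w(i,\ell) - 2w_2(k,\ell) - 2\epsilon + w(k,\bar{k}) + w(\bar\jmath,\ell) - w_1(i,j) - \epsilon && \text{[} G \text{ closed]} \\
  &= \bigl(w(i,\ell) + w(\bar\jmath,\ell) + w(k,\bar{k}) - w_1(i,j) - 2w_2(k,\ell)\bigr) - 3\epsilon \\
  &\geq 0 && \text{[def. of } \epsilon\text{].}
\end{aligned}
$$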
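Case (5).

$$
\begin{aligned}
w'(\theta_{ij} \cdot i)
  &= w'(\theta_{i\ell}) + w'(\ell,k) + w'(\theta_{k\bar{k}}) + w'(\bar{k},\bar\ell) \\
  &\qquad + w'(\theta_{\bar\ell\bar\imath}) + w'(\bar\imath,\bar\jmath) + w'(\theta_{\bar\jmath j}) + w'(j,i) \\
  &= 2w(\theta_{i\ell}) - 2w_1(i,j) - 2\epsilon && \text{[} G' \text{ coherent]} \\
  &\qquad + w(\theta_{k\bar{k}}) + w(\theta_{\bar\jmath j}) - 2w_2(k,\ell) - 2\epsilon && \text{[def. of } w'\text{]} \\
  &\geq 2w(i,\ell) - 2w_1(i,j) - 2\epsilon \\
  &\qquad + w(k,\bar{k}) + w(\bar\jmath,j) - 2w_2(k,\ell) - 2\epsilon && \text{[} G \text{ closed]} \\
  &\geq 2w(i,\ell) - 2w_1(i,j) - 2\epsilon \\
  &\qquad + 2w(k,j) - 2w_2(k,\ell) - 2\epsilon && \text{[} G \text{ strongly closed]} \\
  &= 2\bigl(w(i,\ell) + w(k,j) - w_1(i,j) - w_2(k,\ell)\bigr) - 4\epsilon \\
  &\geq 0 && \text{[def. of } \epsilon\text{].}
\end{aligned}
$$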



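Therefore $G'$ is consistent. Moreover, $G' \trianglelefteq G$ since

$$
\begin{aligned}
w'(j,i) &= -w_1(i,j) - \epsilon && \text{[def. of } w'\text{]} \\
        &< -w_1(i,j)            && \text{[} \epsilon > 0 \text{]} \\
        &\leq w_1(j,i)          && \text{[} G_1 \text{ consistent]} \\
        &\leq w(j,i)            && \text{[def. } G\text{];}
\end{aligned}
$$

similarly, $w'(\ell,k) < w(\ell,k)$; hence, for all $r, s \in \mathcal{N}$,
$w'(r,s) \leq w(r,s)$.

Let $\mathrm{oct}' \in \mathrm{OCT}_n$ be represented by $G'$, so that
$\emptyset \neq \mathrm{oct}' \subseteq \mathrm{oct}_1 \uplus \mathrm{oct}_2$. Since
$w'(j,i) + w_1(i,j) < 0$, we obtain $\mathrm{oct}' \cap \mathrm{oct}_1 = \emptyset$;
since $w'(\ell,k) + w_2(k,\ell) < 0$, we obtain
$\mathrm{oct}' \cap \mathrm{oct}_2 = \emptyset$. Hence,
$\mathrm{oct}_1 \uplus \mathrm{oct}_2 \neq \mathrm{oct}_1 \cup \mathrm{oct}_2$. □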

Since the computation of the strong closure and strong reduction of an
octagonal graph are both in $O(n^3)$ [3, M, HI], an algorithm for the exact join
detection on $\mathrm{OCT}_n$ based on Theorem 6.3 has the same asymptotic
worst-case complexity as the corresponding algorithm for $\mathrm{BD}_n$.

Example 6.4. Consider the 2-dimensional octagonal shapes

$$
\mathrm{oct}_1 = \operatorname{con}\bigl(\{x_1 + x_2 \leq 0\}\bigr), \qquad
\mathrm{oct}_2 = \operatorname{con}\bigl(\{x_1 \leq 2\}\bigr).
$$

Then the join $\mathrm{oct}_1 \uplus \mathrm{oct}_2 = \mathbb{R}^2$ is not exact.
Taking the nodes $i = 0$, $j = 3$, $k = 0$ and $\ell = 1$ (which represent the
signed form variables $x_1^+$, $x_2^-$, $x_1^+$ and $x_1^-$, respectively), we
have $w_1(i,j) = 0$ (encoding $x_1 + x_2 \leq 0$) and $w_2(k,\ell) = 4$
(encoding $x_1 + x_1 \leq 4$, i.e., $x_1 \leq 2$). So all the left hand sides in
conditions (1a)-(4b) are finite while all the corresponding right hand sides are
infinite; and hence all the conditions will hold.
6.3. Exact Join Detection for Integer Octagonal Shapes

We now consider the case of integer octagonal constraints, i.e., octagonal 
constraints where the bounds are all integral and the variables are only al- 
lowed to take integral values. These can be encoded by suitably restricting the 
codomain of the weight function of octagonal graphs. 

Definition 6.5. (Integer octagonal graph.) An integer octagonal graph is
an octagonal graph $G = (\mathcal{N}, w)$ having an integral weight function:

$$\forall i, j \in \mathcal{N} : w(i,j) \in \mathbb{Z} \cup \{+\infty\}.$$

As an integer octagonal graph is also a rational octagonal graph, the
constraint system that it encodes will be satisfiable when interpreted to take
values in $\mathbb{Q}$. However, when interpreted to take values in $\mathbb{Z}$,
this system may be unsatisfiable since the arcs encoding unary constraints can
have an odd weight; we say that an octagonal graph is $\mathbb{Z}$-consistent if
its encoded integer constraint system is satisfiable. For the same reason, the
strong closure of an integer octagonal graph does not provide a canonical form
for the integer constraint system.

Definition 6.6. (Graph tight closure/reduction.) An octagonal graph
$G = (\mathcal{N}, w)$ is tightly closed if it is a strongly closed integer
octagonal graph and the following property holds:

$$\forall i \in \mathcal{N} : w(i,\bar\imath) \text{ is even.} \tag{7}$$

The tight closure of an octagonal graph $G$ in $\mathcal{N}$ is

A $\mathbb{Z}$-consistent integer octagonal graph $R$ is tightly reduced if, for
each integer octagonal graph $G \neq R$ such that $R \trianglelefteq G$, we have
T-closure($R$) $\neq$ T-closure($G$). A tight reduction for the
$\mathbb{Z}$-consistent integer octagonal graph $G$ is any tightly reduced graph
$R$ such that T-closure($R$) = T-closure($G$).

It follows from these definitions that any tightly closed integer octagonal graph
encodes a satisfiable integer constraint system if and only if it is
$\mathbb{Z}$-consistent [g. Therefore, tight closure is a kernel operator on the
lattice of octagonal graphs, as was the case for strong closure. Observe also
that a tight reduction for a tightly closed graph $G$ is a subgraph of $G$ P. We
denote by $\mathrm{OCT}^{\mathbb{Z}}_n$ the domain of integer octagonal shapes.

To prove Theorem 6.8 below, we will also use the following result proved
in [2^ Lemma 4].

Lemma 6.7. Let $G = (\mathcal{N}, w)$ be an integer octagonal graph with no
negative weight cycles and $G_t = (\mathcal{N}, w_t)$ be a graph having a negative
weight cycle and such that $w_t$ satisfies

Then there exist $i, \bar\imath \in \mathcal{N}$ and a cycle
$\pi = (i \cdot \pi_1 \cdot \bar\imath) :: (\bar\imath \cdot \pi_2 \cdot i)$ in $G$
such that $w(\pi) = 0$ and the weight of the shortest path in $G$ from $i$ to
$\bar\imath$ is odd.

We are now ready to state the condition for exact join detection for integer 
octagonal shapes. 

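Theorem 6.8. For each $h \in \{1, 2\}$, let
$\mathrm{oct}_h \in \mathrm{OCT}^{\mathbb{Z}}_n$ be a non-empty integer octagonal
shape represented by the tightly closed graph $G_h = (\mathcal{N}, w_h)$ and let
$R_h$ be a subgraph of $G_h$ such that T-closure($R_h$) $= G_h$. Let also
$G_1 \sqcup G_2 = (\mathcal{N}, w)$. Then
$\mathrm{oct}_1 \uplus \mathrm{oct}_2 \neq \mathrm{oct}_1 \cup \mathrm{oct}_2$ if
and only if there exist arcs $(i,j)$ of $R_1$ and $(k,\ell)$ of $R_2$ such that,
letting $\epsilon_{ij} = 2$ if $j = \bar\imath$ and $\epsilon_{ij} = 1$ otherwise
and $\epsilon_{k\ell} = 2$ if $\ell = \bar{k}$ and $\epsilon_{k\ell} = 1$
otherwise, the following hold:

(1a) $w_1(i,j) + \epsilon_{ij} \leq w_2(i,j)$;

(1b) $w_2(k,\ell) + \epsilon_{k\ell} \leq w_1(k,\ell)$;

(2a) $w_1(i,j) + w_2(k,\ell) + \epsilon_{ij} + \epsilon_{k\ell} \leq w(i,\ell) + w(k,j)$;

(2b) $w_1(i,j) + w_2(k,\ell) + \epsilon_{ij} + \epsilon_{k\ell} \leq w(i,\bar{k}) + w(\bar\ell,j)$;

(3a) $2w_1(i,j) + w_2(k,\ell) + 2\epsilon_{ij} + \epsilon_{k\ell} \leq w(i,\ell) + w(k,\bar\imath) + w(\bar\jmath,j)$;

(3b) $2w_1(i,j) + w_2(k,\ell) + 2\epsilon_{ij} + \epsilon_{k\ell} \leq w(k,j) + w(\bar\jmath,\ell) + w(i,\bar\imath)$;

(4a) $w_1(i,j) + 2w_2(k,\ell) + \epsilon_{ij} + 2\epsilon_{k\ell} \leq w(k,j) + w(i,\bar{k}) + w(\bar\ell,\ell)$;

(4b) $w_1(i,j) + 2w_2(k,\ell) + \epsilon_{ij} + 2\epsilon_{k\ell} \leq w(i,\ell) + w(\bar\ell,j) + w(k,\bar{k})$.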

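Proof. We will use the notation $\pi$ as defined in the proof of Theorem 6.3.
Suppose that
$\mathrm{oct}_1 \uplus \mathrm{oct}_2 \neq \mathrm{oct}_1 \cup \mathrm{oct}_2$, so
that there exists $p \in \mathrm{oct}_1 \uplus \mathrm{oct}_2$ such that
$p \notin \mathrm{oct}_1$ and $p \notin \mathrm{oct}_2$. Hence, letting
$p_{ij} := \pi_i(p) - \pi_j(p)$ and $p_{k\ell} := \pi_k(p) - \pi_\ell(p)$, there
exist arcs $(i,j)$ and $(k,\ell)$ of $R_1$ and $R_2$, respectively, satisfying
$p_{ij} > w_1(i,j)$ and $p_{k\ell} > w_2(k,\ell)$; as
$p \in \mathrm{oct}_1 \uplus \mathrm{oct}_2$, we also have $w_2(i,j) \geq p_{ij}$
and $w_1(k,\ell) \geq p_{k\ell}$. Note that $w_1(i,j)$ and $w_2(k,\ell)$ are both
finite and hence in $\mathbb{Z}$ so that $p_{ij} \geq w_1(i,j) + 1$ and
$p_{k\ell} \geq w_2(k,\ell) + 1$; also, by the tight coherence rule 0, if
$j = \bar\imath$, $p_{ij} \geq w_1(i,\bar\imath) + 2$ and, if $k = \bar\ell$,
$p_{k\ell} \geq w_2(k,\ell) + 2$. Therefore, by definition of $\epsilon_{ij}$ and
$\epsilon_{k\ell}$, we have

$$
\begin{aligned}
w_2(i,j)    &\geq \pi_i(p) - \pi_j(p)    \geq w_1(i,j) + \epsilon_{ij}, \\
w_1(k,\ell) &\geq \pi_k(p) - \pi_\ell(p) \geq w_2(k,\ell) + \epsilon_{k\ell}
\end{aligned}
$$

so that conditions (1a) and (1b) hold. Moreover,

$$
\begin{aligned}
w(i,\ell) + w(k,j) &\geq \pi_i(p) - \pi_\ell(p) + \pi_k(p) - \pi_j(p) \\
  &= \pi_i(p) - \pi_j(p) + \pi_k(p) - \pi_\ell(p) \\
  &\geq w_1(i,j) + w_2(k,\ell) + \epsilon_{ij} + \epsilon_{k\ell}
\end{aligned}
$$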
so that condition (2a) holds and, by a symmetrical argument, condition (2b)
holds. Similarly,

$$
\begin{aligned}
w(i,\ell) + w(k,\bar\imath) + w(\bar\jmath,j)
  &\geq \bigl(\pi_i(p) - \pi_\ell(p)\bigr) + \bigl(\pi_k(p) + \pi_i(p)\bigr) + \bigl(-2\pi_j(p)\bigr) \\
  &= 2\bigl(\pi_i(p) - \pi_j(p)\bigr) + \pi_k(p) - \pi_\ell(p) \\
  &\geq 2w_1(i,j) + w_2(k,\ell) + 2\epsilon_{ij} + \epsilon_{k\ell}
\end{aligned}
$$

so that condition (3a) holds; conditions (3b), (4a) and (4b) follow by a
symmetrical argument.

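We now suppose that, for some $i, j, k, \ell \in \mathcal{N}$, conditions
(1a)-(4b) hold. Consider the graph $G' = (\mathcal{N}, w')$ where, for each
$r, s \in \mathcal{N}$,

$$
w'(r,s) :=
\begin{cases}
  -w_1(i,j) - \epsilon_{ij},       & \text{if } (r,s) \in \{(j,i), (\bar\imath,\bar\jmath)\}; \\
  -w_2(k,\ell) - \epsilon_{k\ell}, & \text{if } (r,s) \in \{(\ell,k), (\bar{k},\bar\ell)\}; \\
  w(r,s),                          & \text{otherwise.}
\end{cases}
$$

Let $G := G_1 \sqcup G_2$; as $G$ is coherent, $G'$ is coherent too; as $G$ is
tightly closed, $G'$ satisfies property (7). Hence it follows from Lemma 6.7 that
$G'$ is $\mathbb{Z}$-consistent if it has no negative weight cycles. By using a
reasoning similar to that in the proof of Theorem 6.3, it can be seen that there
are no negative weight cycles in $G'$ so that $G'$ is $\mathbb{Z}$-consistent and
$G' \trianglelefteq G_1 \sqcup G_2$. Let
$\mathrm{oct}' \in \mathrm{OCT}^{\mathbb{Z}}_n$ be represented by $G'$, so that
$\emptyset \neq \mathrm{oct}' \subseteq \mathrm{oct}_1 \uplus \mathrm{oct}_2$. Since
$w'(j,i) + w_1(i,j) < 0$, we obtain $\mathrm{oct}' \cap \mathrm{oct}_1 = \emptyset$;
since $w'(\ell,k) + w_2(k,\ell) < 0$, we obtain
$\mathrm{oct}' \cap \mathrm{oct}_2 = \emptyset$. Hence,
$\mathrm{oct}_1 \uplus \mathrm{oct}_2 \neq \mathrm{oct}_1 \cup \mathrm{oct}_2$. □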

Since the tight closure and tight reduction procedures are both in $O(n^3)$ 0,
the exact join detection algorithm for integer octagonal shapes has the same
asymptotic worst-case complexity as all the corresponding algorithms for the
other weakly relational shapes.
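
The definitions of this section can be exercised on small inputs. The following Python sketch is an added example, not code from the paper or from the Parma Polyhedra Library: it tightly closes an integer octagonal graph (shortest-path closure, tightening of the unary arcs so that property (7) holds, then strong coherence), rejects graphs that are not Z-consistent, and decides exactness of the join of two bounded shapes by enumerating integer points rather than by the conditions of Theorem 6.8. Assumptions: node 2v stands for +x_v and node 2v+1 for -x_v (as in Example 6.4), the join of two graphs is the pointwise maximum of their weights, and all function names are illustrative.

```python
import math
from itertools import product

INF = math.inf
def bar(i):
    return i ^ 1                      # node 2v stands for +x_v, node 2v+1 for -x_v

def octagon(n, constraints):
    """(i, j, c) encodes value(i) - value(j) <= c; the coherent twin arc is added."""
    w = [[0 if r == s else INF for s in range(2 * n)] for r in range(2 * n)]
    for i, j, c in constraints:
        w[i][j] = w[bar(j)][bar(i)] = min(w[i][j], c)
    return w

def tight_closure(w):
    """Tightly closed form of w, or None if the system has no integer solution."""
    m, w = len(w), [row[:] for row in w]
    for k, i, j in product(range(m), repeat=3):      # shortest-path closure
        w[i][j] = min(w[i][j], w[i][k] + w[k][j])
    if any(w[i][i] < 0 for i in range(m)):
        return None                                  # not even Q-consistent
    for i in range(m):                               # tightening: property (7)
        if w[i][bar(i)] < INF:
            w[i][bar(i)] = 2 * (w[i][bar(i)] // 2)
    if any(w[i][bar(i)] + w[bar(i)][i] < 0 for i in range(m)):
        return None                                  # Q-consistent, not Z-consistent
    for i, j in product(range(m), repeat=2):         # strong coherence
        s = w[i][bar(i)] + w[bar(j)][j]
        if s < INF:
            w[i][j] = min(w[i][j], s // 2)
    return w

def points(w, lo, hi):
    """Integer points of the shape inside the box [lo, hi]^n."""
    n = len(w) // 2
    def val(p, i):
        return p[i // 2] if i % 2 == 0 else -p[i // 2]
    return {p for p in product(range(lo, hi + 1), repeat=n)
            if all(val(p, i) - val(p, j) <= w[i][j]
                   for i, j in product(range(2 * n), repeat=2))}

def join_is_exact(c1, c2, n, lo, hi):
    """Brute-force oracle; the box must contain both (bounded, non-empty) shapes."""
    g1, g2 = tight_closure(octagon(n, c1)), tight_closure(octagon(n, c2))
    lub = [[max(a, b) for a, b in zip(r1, r2)] for r1, r2 in zip(g1, g2)]
    return points(lub, lo, hi) == points(g1, lo, hi) | points(g2, lo, hi)

# Constructed samples in one variable x: the intervals [0,1], [2,3] and [3,4].
UNIT, NEAR, FAR = [(0, 1, 2), (1, 0, 0)], [(0, 1, 6), (1, 0, -4)], [(0, 1, 8), (1, 0, -6)]
```

Over the integers the join of [0,1] and [2,3] is exact, whereas the same two intervals read over Q leave a gap between 1 and 2.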



7. Conclusion and Future Work 

Several applications dealing with the synthesis, analysis, verification and op- 
timization of hardware and software systems make use of numerical abstractions. 
These are sets of geometrical objects — with the structure of a bounded join- 
semilattice — that are used to approximate the numerical quantities occurring 
in such systems. In order to improve the precision of the approximation, sets of 
such objects are often considered and, to limit redundancy and its negative ef- 
fects, it is important to "merge" objects whose lattice-theoretic join corresponds 
to their set-theoretic union. 

For a wide range of numerical abstractions, we have presented results that 
state the necessity and sufficiency of relatively simple conditions for the equiva- 
lence between join and union. These conditions immediately suggest algorithms 
that solve the corresponding decision problem. For the case of convex polyhedra,
we improve upon one of the algorithms presented in [13, 14] by defining
an algorithm with better worst-case complexity. For all the other considered
numerical abstractions, we believe the present paper is breaking new ground. 
In particular, for the case of NNC convex polyhedra, we show that dealing with 
non-closedness brings significant extra complications. For the other abstrac- 
tions, the algorithms we propose have worst-case complexities that, in a sense, 
match the complexity of the abstraction, something that cannot be obtained, 
e.g., by applying an algorithm for general convex polyhedra to octagonal shapes. 

All the above mentioned algorithms have been implemented in the Parma
Polyhedra Library 010. Besides being made directly available to the client
applications, they are used internally in order to implement widening operators
over powerset domains. Our preliminary experimental evaluation, though
not extensive, showed the efficiency of the algorithms is good, also thanks to a
careful coding following the "first fail" principle.^^

In this paper we have studied exact join detection for the most popular
abstract domains. However, owing to the importance numerical domains have
in the synthesis, analysis, verification and optimization of hardware and
software systems, and to the need to face the complexity/precision trade-off in
an application-dependent way, new domains are proposed on a regular basis. The
fact that they may not be so popular today does not prevent them from proving
their strength tomorrow. These domains include: the two variables per linear
inequality abstract domain [4l|, , octahedra [21], template polyhedra [39], and
pentagons 3^. It will be interesting to study exact join detection for these
and other domains, the objective being that of finding specializations with a
complexity that matches the "inherent complexity" of the domain.

Even though preliminary experimentation suggests that — in practice, at
least for some applications [J, ll7| — pairwise joins allow the removal of most
redundancies, work is still needed in the definition of efficient algorithms to
decide the exactness of join for $k > 2$ objects. Moreover, it would be useful
to develop heuristics to mitigate the combinatorial explosion when attempting
full redundancy removal from a set of $m$ objects, as it is clearly impractical to
invoke $2^m - m - 1$ times the decision algorithm on $k = 2, \ldots, m$ objects.

Acknowledgments. We are grateful to the participants of the Graphite Workshop
(AMD's Lone Star Campus, Austin, Texas, November 16-17, 2008) for stimulating
us to add efficient exact join detection algorithms to the Parma Polyhedra
Library, something that led us to the research described in this paper.

We are also indebted to the anonymous referees for their careful and detailed 
reviews, which allowed us to significantly improve the paper. 



^" The Parma Polyhedra Library is free software distributed under the terms of the GNU
General Public License. See http://www.cs.unipr.it/ppl/ for further details.

^^ This is a heuristic whereby, in the implementation of a predicate whose success depends
on the success of many tests, those that are most likely to fail are tried first.